Security Engineer, Federal Assurance

3 Months ago • All levels • Cyber Security • $165,600 PA - $198,720 PA

Job Summary

Job Description

The Security Engineer will be responsible for supporting Assessment and Authorization and agency audit activities for Scale’s products in the US Government and global Public Sector space. This role involves leading public sector security compliance projects, collaborating with various teams to implement security controls, working with 3PAOs and federal government AOs, ensuring security configurations, conducting vulnerability scans, and leading Risk Management Assessment and Authorization processes. This position requires developing and maintaining security documentation, leading compliance reviews, evaluating new certification programs, and providing security awareness training. The ideal candidate should have a strong understanding of cybersecurity principles, project management experience, and excellent communication skills.
Must have:
  • Active US Top Secret security clearance.
  • Minimum IAT Level 2 certification (Security +, CASP, or similar).
Good to have:
  • Experience with FedRAMP, DoD Cloud Computing SRG, NIST 800-171, NIST 800-53, CMMC, NIST 800-53.
  • STIG/RMF policy knowledge & implementation.
  • Experience in project management.
  • Ability to translate between business and technical risk.
  • Excellent organizational and communications skills.
  • Understanding of cybersecurity controls for cloud service providers.
  • Knowledge of AWS and other government authorized cloud services.
  • 5+ years of security compliance or technology audit related experience.

Job Details

Our Security team works on operational issues at the leading edge of machine learning technology. You will join a creative and solutions-oriented team collaborating with internal teams at Scale and externally with our customers. Scale is looking for an experienced security and compliance professional to support Assessment and Authorization and agency audit activities for Scale’s products that are offered in the US Government and global Public Sector space. We are looking for relentlessly curious, deliberately open-minded, and action-oriented generalists who can design effective legal advice, internal policies, and operational processes while employing an empathetic interpersonal style. If you enjoy solving novel and challenging problems and building strong teams and relationships while doing it, we’d love to hear from you!

You will:

  • Lead public sector security compliance projects and audits (FedRAMP HIGH, DoD Cloud Computing SRG IL4/IL5/IL6 , NIST 800-53 rev 5, NIST 800-171/CMMC, Risk Management Framework)
  • Collaborate with product, engineering, security, operations, people operations, and legal to implement new technical, administrative, and operational controls
  • Work with 3PAOs and federal government AOs to achieve compliance certifications and reports
  • ​​Ensure the implementation, oversight, monitoring, and maintenance of security configurations, practices, and procedures 
  • Serve as a liaison between system owners and other security personnel, ensuring that selected security controls are effectively implemented and maintained throughout the lifecycle of projects
  • Act as a liaison between system owners and other security personnel to facilitate effective communication and collaboration
  • Develop, maintain, review, and update system security documentation on a continuous basis 
  • Conduct required vulnerability scans and develop Plan of Action and Milestones (POAMs) in response to reported security vulnerabilities. Manage risks by coordinating correction or mitigation actions and tracking the completion of POAMs 
  • Coordinate system owner concurrence for correction or mitigation actions and monitor security controls to maintain security Authorized To Operate (ATO)
  • Upload security control evidence to the Governance, Risk, and Compliance (GRC) application (eMASS or Xacta) to support security control implementation during the monitoring phase
  • Lead Risk Management Assessment and Authorization (A&A) processes for deployments
  • Perform Cloud system risk assessments, enhance process workflows, and develop new processes
  • Implement all applicable manual Security Technical Implementation Guides (STIGs), vendor hardening guides and ensuring timely installation of all available patches
  • Create and maintain ATO packages
  • Lead security compliance reviews for new products, changes, and features
  • Proactively evaluate and advise the business on new and evolving certification programs, requirements, and technologies
  • Develop and provide training to improve the security awareness and knowledge for all employees and contractors

Required:

Active US Top Secret security clearance with minimum IAT Level 2 certification (Security +, CASP, or similar) 

Ideally you’d have:

  • Experience implementing and maintaining some of the following frameworks and standards: FedRAMP, DoD Cloud Computing SRG, NIST 800-171, NIST 800-53, CMMC, NIST 800-53.
  • STIG/RMF policy knowledge & implementation, including validating compliance via ACAS and other relevant tests.
  • Experience in project management and taking projects from conception to launch
  • An ability to translate between business and technical risk and communicate clearly to leadership
  • Excellent organizational and communications skills
  • Understanding of cybersecurity controls for cloud service providers
  • Knowledge of AWS and other government authorized cloud services
  • 5+ years of security compliance or technology audit related experience

Nice-to-haves:

  • Bachelor’s degree in accounting, information systems, computer science, or a related field

Similar Jobs

Cloud Imperium Games - Senior Level Designer

Cloud Imperium Games

Manchester, England, United Kingdom (On-Site)
2 Months ago
MiQ - Head of Agency Partnerships (WPP, Publicis)

MiQ

New York, United States (Hybrid)
2 Months ago
Qualcomm - Senior ASIC Synthesis/DFT Engineer

Qualcomm

Colombes, Île-de-France, France (On-Site)
2 Months ago
Sailpoint - Solution Architect

Sailpoint

Pune, Maharashtra, India (On-Site)
1 Year ago
Visa - Employee Resource Group Manager

Visa

Atlanta, Georgia, United States (Hybrid)
1 Month ago
Tekion Corp - Senior Security Engineer (SOC)

Tekion Corp

Bengaluru, Karnataka, India (On-Site)
1 Month ago
NXP - Embedded Systems Security Engineer

NXP

Gratkorn, Styria, Austria (On-Site)
2 Months ago
sphere entertainment - Analyst Security Intelligence

sphere entertainment

Las Vegas, Nevada, United States (On-Site)
4 Weeks ago
Canonical - Security Engineer - Ubuntu

Canonical

(Remote)
2 Months ago
Valeo - IT Infrastructure Engineer - Cloud Cybersecurity

Valeo

Créteil, Île-de-France, France (Hybrid)
2 Months ago

Get notifed when new similar jobs are uploaded

Similar Skill Jobs

LTI Mindtree - Senior Specialist - Package Implementation

LTI Mindtree

Mexico City, Mexico (On-Site)
1 Month ago
truecaller - Director of Engineering

truecaller

Stockholm, Stockholm County, Sweden (On-Site)
2 Months ago
Sabre India - Business Development Manager – Lodging, Ground & Sea (APAC)

Sabre India

Shanghai, China (Remote)
3 Weeks ago
Yahoo - Sales FP&A Lead

Yahoo

United States (Remote)
1 Month ago
Regent craft - Vice President, Manufacturing

Regent craft

North Kingstown, Rhode Island, United States (On-Site)
3 Months ago
Tesla - Sales Leader - Park Royal (London)

Tesla

London, England, United Kingdom (On-Site)
5 Months ago
SEGULA Technologies - Project Manager - Infrastructure

SEGULA Technologies

Abu Dhabi, Abu Dhabi, United Arab Emirates (On-Site)
4 Weeks ago
Globalization Partners - Business Development Representative

Globalization Partners

Mexico (Remote)
4 Weeks ago
PayPal - Manager, Software Engineering

PayPal

Bengaluru, Karnataka, India (Hybrid)
2 Months ago
DRIFE - Social Media Manager

DRIFE

Bengaluru, Karnataka, India (On-Site)
10 Months ago

Get notifed when new similar jobs are uploaded

Jobs in Washington, District of Columbia, United States

bytedance - Workplace Planning Specialist, AMS

bytedance

Los Angeles, California, United States (On-Site)
3 Months ago
Temporal Technologies - Staff Product Manager, Observability

Temporal Technologies

United States (Remote)
4 Weeks ago
Sword Health - Chief Information Security Officer

Sword Health

United States (Remote)
2 Months ago
AiDash - Principal Data Scientist, Wildfire Management

AiDash

Palo Alto, California, United States (Remote)
10 Months ago
zoox - Senior Wire Harness Engineer

zoox

Foster City, California, United States (On-Site)
3 Months ago
SSC Technologies - Associate Manager, Hedge Fund Tax Accounting

SSC Technologies

New York, United States (Hybrid)
2 Months ago
Apple - AI Data Scientist

Apple

Cupertino, California, United States (On-Site)
1 Month ago
Aristocrat - Third Party Risk Manager

Aristocrat

Las Vegas, Nevada, United States (Hybrid)
1 Month ago
Sailpoint - Co-Op, Engineering

Sailpoint

East Durham, New York, United States (On-Site)
1 Month ago
Sony pictures animation  - Story Artist - Feature

Sony pictures animation

Culver City, California, United States (On-Site)
8 Months ago

Get notifed when new similar jobs are uploaded

Cyber Security Jobs

Barracuda - Cybersecurity Developer

Barracuda

Ottawa, Ontario, Canada (Hybrid)
4 Months ago
Rive - Security & DevOps Engineer

Rive

San Francisco, California, United States (Hybrid)
1 Month ago
BigID - Principal Software Engineer - AI Security

BigID

Tel Aviv-Yafo, Tel Aviv District, Israel (Remote)
2 Months ago
Jam City - Corporate IT Security Engineer

Jam City

Los Angeles, California, United States (Remote)
1 Month ago
Rippling - Senior Software Engineer - Security and Compliance

Rippling

Seattle, Washington, United States (On-Site)
1 Month ago
bounteous - Senior Information Security Analyst

bounteous

Chennai, Tamil Nadu, India (On-Site)
6 Months ago
Intel  - Government Information Security Engineer

Intel

Hillsboro, Oregon, United States (Hybrid)
1 Month ago
Twitch - Senior Security Engineer

Twitch

Seattle, Washington, United States (On-Site)
4 Weeks ago

Get notifed when new similar jobs are uploaded

About The Company

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (Hybrid)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

San Francisco, California, United States (On-Site)

London, England, United Kingdom (On-Site)

View All Jobs

Get notified when new jobs are added by Scale AI

Level Up Your Career in Game Development!

Transform Your Passion into Profession with Our Comprehensive Courses for Aspiring Game Developers.

Job Common Plug