View all jobs

Senior FedRAMP Security Engineer

Open, United States
Title:                     Senior FedRAMP Security Engineer
Location:               Open, United States (Remote)
Salary:                  DOE
Travel:                  Up to 25%
We are seeking a dynamic professional with 8+ years of hands-on cybersecurity experience in performing and/or participating in DoD and/or NIST-based system security assessments, privacy assessments, continuous monitoring, and/or other Assessment and Authorization (A&A) activities; specifically with strong experience and background in Cloud Computing and FedRAMP.
Duties and Responsibilities:
  • Lead the development, assessment, and analyzing of cyber security documentation for client information systems in accordance with FISMA, NIST RMF for Federal Civilian Agencies, RMF for DoD IT, FedRAMP, and departmental standards.
  • Lead the performance of system/network vulnerability scanning and analysis using both automated tools and manual techniques.
  • Lead technical assessments using standard industry tools such as Nessus, DB Protect, WebInspect, ACAS (for DoD), and others.
  • Lead in the Identification and application of vulnerability remediations, fix procedures, and when necessary mitigation techniques.
  • Lead in the identification and mitigation of cyber security risks through formal assessment activities.
  • Lead compliance related discussions (this includes expert understanding of applicable compliance frameworks, architectures, and security control requirements (technical and non-technical).
  • Support and lead the business development process through participation as the FedRAMP SME.
  • Support the School of Cybersecurity (SCS) by providing instruction to clients for FedRAMP and Cloud Security Courses.
  • Lead customers to resolve cybersecurity issues and concerns as well as to explain how compliance with various standards and frameworks are achieved.
  • Lead the day-to-day activities required to deliver a project on time and within budget.
  • Lead regular project meetings; deliver succinct and accurate status updates.
  • Manage client delivery teams to include mid-level and junior security assessors, as necessary.
Skills and Qualifications:
  • 8+ years of experience in performing and/or participating in FISMA based security Assessment and Authorization (A&A) activities.
  • SME knowledge of Cloud Computing and FedRAMP.
  • SME knowledge of FISMA, NIST/DoD RMF, and NIST SP 800-series publications.
  • SME knowledge of testing tools such as Nessus/ACAS, SCC, DISA STIGs / STIG Viewer, Wire Shark, Flying Squirrel, etc.
  • Experienced with Software Development Lifecycle (SDLC) and related terminology as it relates to Information Security/Information Assurance.
  • Self-motivated and able to work/lead in an independent manner or as part of a client delivery team.
  • Able to own and author original content/reports/attestations.
  • Exceptional organizational, planning, and attention to detail skills.
  • Able to work in a fast-paced, deadline-driven, remote environment.
  • Able to travel at least 25% as required for various client engagements.
  • Must be a US Citizen and able to obtain an active SECRET Security Clearance
  • Strong technical background.
  • Coding/Programming experience with one or more of the following tools: Python, Perl, Shell, Bash, Batch, etc.
  • Experience and technical knowledge in security engineering, secure architecture development, system and network security, authentication and security protocols, applied cryptography, and application security.
  • Bachelor’s degree in IT related field or equivalent technical certifications.
  • The following certifications (more than one is preferred): Lunarline, Inc. School of Cybersecurity “Certified Expert” certifications, Security+, CISSP, CEH, SFCP, GCIA, ISSEP, ISSMP, GCIH, GCFA, CSLC, CISM, CCNA, CCNP, Network+, CAP, SANS security certifications, etc.
Full List of Company Benefits

Lunarline is an equal opportunity employer. It is the policy of Lunarline that all employees and applicants for employment will be treated in all respects on the basis of their merit and qualifications and without regard to their race, color, national origin, age, disability, sexual orientation, religion, gender, military status, marital status or ancestry.
Lunarline participates in the E-Verify program. Therefore, any employment with Lunarline will also be contingent upon confirmation from the Social Security Administration ("SSA") and/or the Department of Homeland Security ("DHS") of your authorization to work in the United States. 
The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time, as needed.
More Openings
Junior Software Engineer
Cyber Threat Analyst
Senior System Engineer
Deputy CISO
Powered by