Senior Security Specialist

540 is looking for a Senior Security Specialist to help the federal government #GetShitDone. The Senior Security Specialist is responsible for obtaining, maintaining, and overall cybersecurity posture a new build Army application.

A successful candidate will have experience obtaining an ATO from start to finish, RMF, creating RMF artifacts, working with multiple technical teams, monitoring system operations, hardware and software for vulnerabilities and working with the cloud / development teams to remediate findings, manage any POAMs.

Location: Remote within the continental United States, East Coast working hours with some flexibility afforded. Occasional travel may be required (2-3x annually)
Citizenship & Clearance Requirement: per client requirements, must be a US Citizen with the ability to obtain a DoD Secret clearance
Education Requirement: Bachelor’s Degree in Computer Science or related engineering field (preferred)
540 Internal Thrive Level: Senior Security Specialist

WHY 540?

540 is a forward-thinking company that the government turns to in order to #GetShitDone. We do more than talk about it, we break down barriers to innovation and build impactful tech. We’re looking for someone with big ideas, who thrives on innovation and is a self-starter. If you love to learn about and work with new technologies, we want to talk to you.

REQUIRED SKILLS & EXPERIENCE

• 6+ years of relevant experience in cybersecurity, particularly within the DoD / Army
• CompTIA Security+ certification
• Ability to obtain Certified Information Systems Security Professional (CISSP) certification or other recognized security accreditation
• Demonstrated experience in the delivery of security documentation to achieve Authorization to Operate (ATO)
• Strong knowledge of RMF (Risk Management Framework), NIST SP 800-53, and related cybersecurity standards
• Experience managing Army eMASS records and coordinating inherited controls from cARMY and other control sources
• Ability to provide security subject matter expertise to development and architecture teams, ensuring alignment with security posture and guidelines
• Proficient in POA&M (Plan of Actions & Milestones) management
• Expertise in implementing and maintaining system security policies, procedures, and documentation in accordance with DoD and Army cybersecurity requirements.
• Proficiency in conducting risk assessments, vulnerability scans, and continuous monitoring to ensure systems are secure and compliant with RMF
• Experience developing, updating, and enforcing Information Assurance (IA) documentation, such as System Security Plans (SSP) and POA&Ms
• Excellent communication skills to serve as the primary liaison between technical teams and stakeholders for all security-related issues
• Ability to stay current with cybersecurity threats and adjust security measures as needed
• Hands-on experience supporting system accreditation processes (ATO/C&A) for information systems
• Capability to lead or assist in security awareness training for project teams
• Strong collaboration skills to work with technical staff on the implementation and maintenance of security controls throughout the project lifecycle
• Ability to respond to security incidents quickly and mitigate them in a timely manner
• Experience with security assessment and sign-off on system releases

NICE TO HAVE SKILLS & EXPERIENCE

• Experience working with the federal government, specifically with the Department of Defense (DoD) and the Army
• RMF 2.0 experience
• Knowledge of DoD STIGs, STIG vulnerabilities, and remediation strategies
• Experience delivering Continuous ATO
• Knowledge of security concerns for delivering on commercial cloud platforms (specifically AWS)

BENEFITS & PERKS

• 100% covered health, dental and vision premium for employees, optional dependent coverage
• Flexible Spending Account (FSA)
• 401k with employer match
• Company Sponsored Life Insurance, Short and Long Term Disability coverage
• Flexible PTO + all Federal holidays off
• Home Office allowance
• Reimbursement for trainings / certifications
• Paid AWS Developer account
• Macbook Pro
• Referral Bonus - good people know good people
• Annual Social Events (540 week, hackathon, holiday party, charity golf tournament, etc.)
• Access to 540’s Washington Capitals tickets

EQUAL EMPLOYMENT OPPORTUNITY (EEO)

540's policy is to provide equal employment opportunity to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.