The Role
Lead cloud security for DoD IL5 AWS environments, integrate AppSec into CI/CD (ADO/Git), run vulnerability management with Fortify/Tenable/Amazon Inspector, support RMF/ATO artifact generation, analyze scans, enforce STIGs/SRGs, and advise cross-functional teams on remediation and security configuration.
Summary Generated by Built In
Who we are
Lawelawe is a Native Hawaiian Owned Small Disadvantaged Business (NHO SDB) that specializes in providing a range of services to federal government clients, including program management, digital solutions, human capital and training, and medical staffing. Lawelawe leverages our NHO status to secure federal contracts that not only drive business success but also support our overall mission to uplift economically disadvantaged Native Hawaiian families and preserve the Native Hawaiian heritage.
You Are
As a remote Senior Information Assurance (IA) Engineer to lead critical cloud security operations, DevSecOps pipeline integration, and compliance auditing. The ideal candidate will have extensive hands-on experience securing AWS cloud infrastructure operating at DoD Impact Level 5 (IL5), with preparations for Impact Level 6 (IL6).
How You’ll Make an Impact
This senior role requires deep expertise in Application Security (AppSec) tools, secure code methodologies, and vulnerability management, along with a foundational understanding of the DoD Risk Management Framework (RMF) to support continuous compliance and Authority to Operate (ATO) efforts.
Responsibilities
The Team
Lawelawe Defense Inc ("LDI") is an SBA Certified 8(a) Native Hawaiian Owned (NHO) SDB Lawelawe Defense offers an outstanding record of delivery on various projects encompassing: Program and Portfolio Management; Systems Engineering and Architecture; Network Engineering and Operations; Data Center Optimization and Operations; Desktop/Server and Application Virtualization.
Here's What You Need
Preferred Qualifications
Benefits
Lawelawe is a Native Hawaiian Owned Small Disadvantaged Business (NHO SDB) that specializes in providing a range of services to federal government clients, including program management, digital solutions, human capital and training, and medical staffing. Lawelawe leverages our NHO status to secure federal contracts that not only drive business success but also support our overall mission to uplift economically disadvantaged Native Hawaiian families and preserve the Native Hawaiian heritage.
You Are
As a remote Senior Information Assurance (IA) Engineer to lead critical cloud security operations, DevSecOps pipeline integration, and compliance auditing. The ideal candidate will have extensive hands-on experience securing AWS cloud infrastructure operating at DoD Impact Level 5 (IL5), with preparations for Impact Level 6 (IL6).
How You’ll Make an Impact
This senior role requires deep expertise in Application Security (AppSec) tools, secure code methodologies, and vulnerability management, along with a foundational understanding of the DoD Risk Management Framework (RMF) to support continuous compliance and Authority to Operate (ATO) efforts.
Responsibilities
- Lead the design, implementation, and maintenance of advanced security controls within AWS cloud environments operating at DoD IL5, ensuring architectural readiness for future IL6 integration.
- Architect and manage security testing integrations within Azure DevOps (ADO) and Git environments. Embed and automate Application Security (AppSec) into the CI/CD pipeline.
- Administer, utilize, and optimize security testing tools, specifically Fortify and Tenable, to identify, assess, and drive the remediation of code and infrastructure vulnerabilities.
- Conduct continuous compliance auditing and security assessments. Apply foundational (junior-level) knowledge of the DoD Risk Management Framework (RMF) to support the generation and maintenance of artifacts required for Authority to Operate (ATO).
- Analyze complex security scan results, coordinate cross-functionally with development teams to remediate findings, and enforce strict DoD security configuration guidelines (e.g., STIGs, SRGs).
- Provide input to internal project teams consisting of both contract partners and government customer to ensure effective use of IT solutions, tools, and processes.
The Team
Lawelawe Defense Inc ("LDI") is an SBA Certified 8(a) Native Hawaiian Owned (NHO) SDB Lawelawe Defense offers an outstanding record of delivery on various projects encompassing: Program and Portfolio Management; Systems Engineering and Architecture; Network Engineering and Operations; Data Center Optimization and Operations; Desktop/Server and Application Virtualization.
Here's What You Need
- MA/MS in a related field with a minimum 10+ years of relevant experience, or BA/BS in a related field with a minimum 15+ years of relevant experience.
- Five years’ experience in monitoring, testing, troubleshooting, and performing corrective actions for Cybersecurity IT systems.
- Active Secret security clearance
- U.S. citizenship required.
- CompTIA Security+ Certification
- Direct operational experience with security scanning and vulnerability management tools, specifically Fortify and Amazon Inspector. Proficiency with Git and CI/CD orchestration using Azure DevOps (ADO).
- Demonstrates foundational knowledge of the RMF lifecycle, ATO processes, and DoD security methodologies, coupled with a practical understanding of key technologies including defensive cyber event logging, application security, commercial DoD PKI, and AWS/Azure cloud authorization.
- Experience in developing metrics from associated Cybersecurity elements, including trend analysis.
- Ability to provide input to internal project teams consisting of both system users and IT resources as well as functional proponents and Army communities to ensure effective use of IT solutions, tools, and processes.
Preferred Qualifications
- Prior experience working with ECMA to implement DoD cloud solutions.
- Familiarity with additional code quality and security tools such as SonarQube, Semgrep, or Checkmarx.
- Prior experience transitioning enterprise systems from DoD IL5 to IL6 environments.
- Advanced cloud or security certifications (e.g., AWS Certified Security Specialty, CISSP, CCSP).
Benefits
- A competitive compensation package
- Comprehensive health and wellness benefits, including medical, dental, and vision plans
- Access to company-provided retirement savings options with matching contributions
- Opportunities for professional growth and continued learning
- Additional perks such as discounts on various services and products
- Remote work
Skills Required
- MA/MS with 10+ years relevant experience or BA/BS with 15+ years relevant experience
- Minimum five years monitoring, testing, troubleshooting, and corrective actions for cybersecurity IT systems
- Active Secret security clearance
- U.S. citizenship
- CompTIA Security+ certification
- Direct operational experience with security scanning and vulnerability management tools (Fortify, Tenable, Amazon Inspector)
- Proficiency with Git and CI/CD orchestration using Azure DevOps (ADO)
- Foundational knowledge of RMF lifecycle, ATO processes, and DoD security methodologies
- Practical understanding of defensive cyber event logging, application security, commercial DoD PKI, and AWS/Azure cloud authorization
- Experience developing cybersecurity metrics and trend analysis
- Ability to provide input to project teams, system users, IT resources, and Army communities
- Familiarity with Fortify specifically called out for code testing integration
Am I A Good Fit?
Get Personalized Job Insights.
Our AI-powered fit analysis compares your resume with a job listing so you know if your skills & experience align.
Success! Refresh the page to see how your skills align with this role.
The Company
What We Do
Lawelawe Defense Inc ("LDI") is an SBA Certified 8(a) Native Hawaiian Owned (NHO) SDB leveraging the capability and past performance of the Lawelawe portfolio of companies. Lawelawe in Hawaiian means "TO CARE FOR OTHERS." We were created to support the parent charity's nonprofit initiatives to uplift economically disadvantaged Native Hawaiian families and preserve the Native Hawaiian heritage. We specialize in performing: Program Management and Business Transformation; Human Capital and Training; Digital Solutions; and Medical Staffing, Healthcare and Health IT. Lawelawe Defense offers an outstanding record of delivery on various projects encompassing: Program and Portfolio Management; Systems Engineering and Architecture; Network Engineering and Operations; Data Center Optimization and Operations; Desktop/Server and Application Virtualization.
.jpg)
