Defcon AI

Resilience In The Face Of Disruption

Platform Security Lead

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 11-50H1B No SponsorCompany SiteLinkedIn

Location

United States

Posted

40 days ago

Salary

$175K - $215K / year

Seniority

Senior

Bachelor Degree10 yrs expEnglish

Job Description

Platform Security Lead

Defcon AI

• Define and execute the ATO pathway, including responsibility allocation across government and contractor teams • Author and maintain RMF documentation (SSP, SAP, SCTM, ConMon) in accordance with DoDI 8510.01 and NIST 800-53 • Coordinate with eMASS and Authorizing Officials on assessment and authorization activities • Lead continuous monitoring and reauthorization efforts across the system lifecycle • Define security requirements for cross-domain data flows (IL-5, IL-6, tactical edge) • Evaluate and guide selection of DoD-approved cross-domain solutions • Ensure classification-aware data segmentation is enforceable, auditable, and aligned with policy (e.g., NOFORN, REL_TO, ORCON) • Review system architecture to ensure compliant handling of classified data flows • Support secure operation across NIPR, SIPR, and higher classification environments • Define authorization approaches (inheritance vs. standalone ATOs) across enclaves • Ensure security posture scales without requiring fundamentally different architectures • Serve as the authoritative internal resource for DoD security and RMF-related questions • Advise on container security, RBAC, service mesh security, PKI/CAC integration, and secrets management • Define expectations for security scanning, container hardening, and vulnerability management (without owning the pipeline) • Evaluate new capabilities for security and authorization impacts prior to production deployment

Job Requirements

  • 10+ years of information assurance or security engineering experience with increasing seniority
  • 5+ years of hands-on ownership of RMF / ATO packages for DoD production systems, including at least one full authorization cycle (categorization → controls → implementation → assessment → authorization → ConMon)
  • Deep familiarity with DoD security frameworks, RMF processes, and NIST 800-53 controls
  • Proven ability to operate in complex, multi-enclave or classified environment
  • US Citizenship Required
  • Active Secret Clearance
  • Willing to travel up to 25% for business needs

Benefits

  • A fully remote, results-based environment
  • Competitive salary, bonus, and equity package
  • 100% employer paid, comprehensive health insurance including medical, dental, and vision for you and your family
  • Unlimited PTO, with your manager’s approval
  • Flexible work environment where you manage your work day
  • 14 weeks of fully-paid parental leave

Related Categories

Related Job Pages

More Security Engineer Jobs

Full TimeRemoteTeam 11-50H1B Sponsor

• Define and execute the ATO pathway, including responsibility allocation across government and contractor teams • Author and maintain RMF documentation (SSP, SAP, SCTM, ConMon) in accordance with DoDI 8510.01 and NIST 800-53 • Coordinate with eMASS and Authorizing Officials on assessment and authorization activities • Lead continuous monitoring and reauthorization efforts across the system lifecycle • Define security requirements for cross-domain data flows (IL-5, IL-6, tactical edge) • Evaluate and guide selection of DoD-approved cross-domain solutions • Ensure classification-aware data segmentation is enforceable, auditable, and aligned with policy (e.g., NOFORN, REL_TO, ORCON) • Review system architecture to ensure compliant handling of classified data flows • Support secure operation across NIPR, SIPR, and higher classification environments • Define authorization approaches (inheritance vs. standalone ATOs) across enclaves • Maintain alignment with evolving joint and service-level security requirements

Virginia
$175K - $215K / year
Pipe logo

Lead Security Engineer

Pipe

Pipe has built the world’s first trading platform to help founders access the capital they need to grow on their terms.

Full TimeRemoteTeam 51-200Since 2020H1B Sponsor

• Review and help design robust security standards and monitoring • Maintain and improve our policy-as-code platform to enable rapid detection and response • Work closely with our Infrastructure team to ensure cloud-based deployments have proper monitoring and adhere to our policies • Manage SOC II audits, set a high standard for compliant software and processes, and ensure we consistently meet those standards • Participate in on-call rotation to support critical security issues • Own the vulnerability disclosure program and triage inbound reports to security@ • Run periodic tabletop exercises and incident response drills • Maintain security policies and lead recurring reviews (e.g., firewall changes, security reviews) • Lead responses to partner and customer security questionnaires • Maintain the security risk register, track remediation, and produce periodic security metrics for leadership

North America
$150K - $220K / year
Cadmus Soluções em TI logo

IAM Security Consultant

Cadmus Soluções em TI

Parceira que transforma desafios em resultados!

Full TimeRemoteTeam 1,001-5,000Since 1995H1B No Sponsor

• Manage user identities, roles, and access rights across IAM platforms and Active Directory. • Handle ServiceNow tickets related to IAM access requests, incidents, and changes. • Provision, modify, and deprovision access in IAM tools, systems, and local servers. • Provide administrative support including account unlocks, password resets, and remote access provisioning. • Act as last-level support for ATA-operated IAM solutions. • Collaborate closely with IAM operations teams, stakeholders, and customers. • Prepare and deliver weekly and monthly IAM service status reports. • Support internal and external audits by providing evidence and representing the IAM administration team.

Brazil
Job Closed
EY logo

Senior Risk Consultant – Digital Risk, Application Security

EY

Building a #BetterWorkingWorld by providing trust through assurance and helping organizations grow, transform & operate.

Full TimeRemoteTeam 10,001+Since 1989H1B Sponsor

• Conduct application security assessments to identify and mitigate potential security risks. • Analyse software systems to identify potential threats and vulnerabilities. • Create and maintain threat models that outline potential attack vectors. • Collaborate with development teams to remediate identified vulnerabilities. • Validate threat models against industry standards. • Document findings from threat modelling assessments. • Review code written by developers to identify security flaws. • Perform various security tests, including SAST and DAST. • Provide technical guidance for application onboarding activities. • Work closely with development teams, product managers, and other stakeholders to gather information. • Design and implement process improvements for the Application Security program.

India
Job Closed