• Define and drive the multi-year technical roadmap for Audit Logging, SIEM Integration, and Unified Security Visibility • Design fault-tolerant, high-throughput audit and telemetry pipelines in Go • Architect the Unified Security Dashboard • Design and deliver integrations with leading SIEM platforms • Lead the redesign of DigitalOcean's audit log infrastructure • Partner with IAM, Threat Detection, DOKS, Billing, and Platform Engineering • Establish logging schema standards, event taxonomy, and observability engineering practices • Mentor and develop senior and mid-level engineers

Role Description Step into a role where you can make a significant impact on the security posture of Department of Defense (DoD) information systems. As a Security Authorization Expert, you will: - Own the day-to-day security authorization posture of assigned DoD information systems. - Work within a well-resourced team with dedicated engineering, operations, and architecture support. - Develop expertise in modern RMF tooling including eMASS and eMASSer automation. - Directly support mission continuity by managing ATO packages and continuous monitoring programs. - Grow into a senior GRC role with clear advancement pathways. Responsibilities: - Develop, maintain, and update System Security Plans (SSPs) for assigned systems. - Manage Plans of Action & Milestones (POA&Ms) from identification through remediation and closure. - Compile and submit Authorization to Operate (ATO) packages. - Conduct continuous monitoring activities per established strategy. - Utilize eMASS for GRC management and RMF workflow tracking. - Coordinate with Information System Security Engineers (ISSEs) and Security Operations (SecOps) to validate control implementations. - Develop Security Assessment Plans (SAPs) and support Security Assessment Report (SAR) coordination. - Draft supply chain risk management plans. - Support the Cybersecurity Architect with RMF strategic planning. Qualifications - Active Secret or Top Secret clearance. - 3–5 years of RMF/ATO experience within DoD or federal environments. - Hands-on experience with eMASS. - Working knowledge of NIST SP 800-53r5 and DoD RMF processes. - Demonstrated ability to independently author SSPs and manage POA&Ms. Requirements - Required Certification: DoD 8140.03M DCWF Basic tier certification — CEH. - Education: DoD 8140 Interim Education Options. - Desired Certification: DoD 8140.03M DCWF Intermediate tier certification — one of: CEH(P), RCCE Level 1, Cloud+, CPTE, FITSP-A, GCED, GCIH, GCSA, GICSP, GSEC, PenTest+, or Security+. - Desired Education: Bachelor’s degree in Computer Science, Cybersecurity, Data Science, Information Systems, Information Technology, or Software Engineering. - Desired: Experience with eMASSer or similar RMF automation tooling. - Exposure to cloud-hosted or hybrid system authorization boundaries. - Familiarity with the DoD RMF Knowledge Service. Benefits - Competitive compensation. - Healthcare benefits. - Wellness programs. - Financial benefits. - Retirement plans. - Family support. - Continuing education opportunities. - Time off benefits.

• Lead all facility-related responsibilities and security operations across the organization • Oversee facility management, leasing, and compliance • Manage personnel clearances, secure facilities, and physical security programs • Ensure compliance with all government security requirements and regulations • Conduct regular security assessments and implement improvements

• Expertise in designing secure networks, systems, and application architectures • Manage/implement design, installation, configuration, setup, testing, troubleshooting, documentation of security solutions including IAM, endpoint security, firewalls, email security, content filtering and security awareness. • Proficient with networks, systems, applications, and cloud security • Proficiency with risk assessment and vulnerability scanning tools, technologies, and methods • Escalation point for security-related incidents • Proactively report possible threats and or vulnerabilities • Proactively research weaknesses and find ways to counter them • Find cost-effective solutions to cybersecurity problems • Information Technology Security representative on IT projects to provide security advice, expertise, and recommendations • Conduct security awareness training • Planning, researching, and developing security policies, standards and procedures • Ensure the tuning and effectiveness of security tools deployed across the environment • Work closely with our Managed Security Services Provider (MSSP) and IT teams to review alerts and investigate security incidents • 24/7 Availability for Identity & Access Management, Security Incident Response and Escalation • Performs other related job duties, as assigned