RSI Security logo
RSI Security

Compliance & Cybersecurity Provider | Rethinking Your Cybersecurity

Proposal Manager – Cybersecurity, Compliance

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 51-200H1B No SponsorCompany SiteLinkedIn

Location

United States

Posted

1 day ago

Salary

$100K - $130K / year

Seniority

Senior

Bachelor Degree5 yrs expEnglishCyber Security

Job Description

Proposal Manager – Cybersecurity, Compliance

RSI Security

• Manage the full lifecycle of RFP/RFI/RFQ responses for cybersecurity and compliance services • Evaluate opportunities and collaborate with leadership to prioritize qualified proposals • Develop and edit proposal content describing RSI’s cybersecurity services and methodologies • Coordinate with sales, delivery teams, and subject matter experts to gather technical input • Ensure proposals meet solicitation requirements, compliance standards, and submission deadlines • Maintain and improve proposal templates, response libraries, and documentation • Support development of service scope and pricing structures aligned with proposal requirements • Track proposal submissions and maintain records within proposal management tools

Job Requirements

  • 5+ years of proposal management or RFP response experience
  • Experience supporting proposals for cybersecurity, IT services, or compliance consulting
  • Familiarity with cybersecurity frameworks such as: PCI DSS, SOC 2, ISO 27001, CMMC, FedRAMP, HITRUST
  • Strong ability to translate technical information into clear written proposals
  • Experience coordinating cross-functional teams during proposal development
  • Excellent written communication and document management skills.

Benefits

  • Health insurance
  • 401(k) matching
  • Flexible work hours
  • Paid time off
  • Professional development opportunities

Related Categories

Related Job Pages

More Security Engineer Jobs

Role Description Wir suchen mit Startdatum Juni/Juli/August für einen Zeitraum von 3-6 Monaten engagierte, innovationshungrige Mitstreiter:innen, die gemeinsam mit Partnern wie Samsung, Rolex, Bayer oder politischen Partnern an zukunftsweisenden Herausforderungen arbeiten möchten. Da wir ein Startup sind, bekommst du im Rahmen deines Praktikums bei uns Einblicke in unterschiedliche Tätigkeitsfelder und kannst ab Tag 1 Verantwortung übernehmen. Zu deinen Aufgaben gehören unter anderem: - Du setzt dich inhaltlich mit unserer Innovations-Methodik auseinander und erstellst visuelle Prozess-Guides und Boards, damit unsere Kunden und Innovationsteams strukturiert innovative Lösungen entwickeln können. - Du unterstützt bei der Erstellung und Optimierung von Challenge Briefings sowie bei der Entwicklung von Key Note Content, indem du initialen Research betreibst und konstruktives Feedback einbringst. - Du koordinierst und organisierst Meetings mit unseren Kunden, kümmerst dich um die Agenda und bereitest relevante Inhalte auf. - Du unterstützt das Projektmanagement-Team bei verschiedenen projektrelevanten Aktivitäten, z. B. bei der Entwicklung der passenden Scoutingstrategie, beim Sichten von Lösungen im Rahmen des Einreichungsmanagements, bei der Vorbereitung projektrelevanter Dokumente und nicht zuletzt unterstützt du nach Bedarf unsere Events. - Du betreust projektbeteiligte Stakeholder: Je nach Entwicklungskurve wirst du in die Moderation von Terminen mit unseren Kunden und Innovator:innen eingebunden. - Du verfolgst die Ideenentwicklung der Innovator:innen für eine Challenge von der ersten Idee bis hin zur Entwicklung einer konkreten, umsetzbaren Lösung und unterstützt im gesamten Prozess. - Du arbeitest dabei intern mit unterschiedlichen Abteilungen zusammen und erhältst dabei bereichsübergreifende Einblicke. Qualifications - Du kommunizierst gerne mit anderen Menschen, baust zwischenmenschliche Beziehungen auf und hilfst ihnen bei der Entwicklung neuer Ideen. - Du bist ein Organisationstalent und hast Freude daran, die Planung und Organisation unserer Programme zu unterstützen. - Du bist inhaltlich stark und kannst komplexe Themen schnell erfassen und strukturiert aufbereiten. - Du hast die Fähigkeit, dich in komplexe Sachverhalte und Umfelder einzuarbeiten und übernimmst gerne Rechercheaktivitäten. - Du bist lernbereit und offen für ein sich wandelndes, kreatives und dynamisches Umfeld. - Du verfügst über fließende Sprachkenntnisse in Englisch und Deutsch. Benefits - Da wir als Startup die 4-Tage-Woche eingeführt haben, hast auch du jede Woche 3 Tage Wochenende. - Du kannst vollkommen flexibel arbeiten, wann und wo du willst - Hauptsache, das Ergebnis stimmt. - Du arbeitest kontinuierlich mit Vorreitern an Trendthemen in den Bereichen Digitalisierung und Nachhaltigkeit und gestaltest somit die Innovationen von Morgen. - Als ein junges 25-köpfiges Team fördern wir die Zusammenarbeit auf Augenhöhe mit Kollegialität anstatt Konkurrenz. - Wir unterstützen dich mit kontinuierlichen Coaching- und Weiterbildungsprogrammen (bspw. Design Thinking oder Kommunikations-Coachings). - Wir haben einen Office-Space mitten in der Frankfurter Innenstadt.

Germany
Full TimeRemoteTeam 1,001-5,000

Role Description The Cybersecurity IAM Engineer provides technical design, implementation, and support of IAM platforms and integrations. Ensures secure and reliable identity services through engineering and troubleshooting. Remote in approved states only. Essential Job Functions - Configure and administer IAM platforms (Saviynt, CyberArk, Silverfort, Entra ID). - Develop and maintain IAM workflows for provisioning, deprovisioning, and recertification. - Ensure systems are patched, upgraded, and performing securely. - Integrate applications and systems with IAM platforms. - Monitor performance, availability, and compliance of IAM services. - Document architecture, processes, and configurations. Qualifications - Bachelor’s degree or equivalent experience. - Expertise with IAM platforms (Saviynt, CyberArk, Silverfort, Entra ID). - Knowledge of JML processes, authentication, and PAM. - Experience delivering IAM projects and integrations. - Familiarity with HIPAA, PCI DSS, and NIST CSF. - 5+ years IAM engineering or administration experience. - Certifications required: CyberArk Trustee/Defender, or Saviynt IGA, or Microsoft Entra ID certifications, or equivalent IAM governance/engineering certs. Requirements - Bachelor's Degree (Required) Benefits - Medical, dental and vision insurance. - Employer paid group term life and disability. - Employer contribution toward Health Savings Account. - Flexible Spending Accounts. - Paid Time Off (PTO), Paid Holidays and Paid Parental Leave. - 403(b) with a 5% employer match. - Various voluntary benefits: - Supplemental Life, AD&D and Disability. - Critical Illness, Accident and Hospital Indemnity coverage. - Tuition assistance. - Student loan servicing and support. - Adoption benefits. - Backup Childcare and Eldercare. - Employee Assistance Program, and other specialized behavioral health services and resources for employees and family members. - Discount on services at Lurie Children’s facilities. - Discount purchasing program.

United States
$99.8K - $164.7K / year

Role Description We're looking for a Senior Security Engineer to lead application security efforts across our product portfolio, spanning web applications, APIs, mobile, embedded software, and shipped product deliverables. You'll be embedded in the engineering organization, partnering with product and platform teams to bake security into every phase of the software development lifecycle, not bolt it on at the end. A critical part of this role is developing and maintaining a deep understanding of our product attack surface, how components interact, what's exposed, and where real risk lives. That understanding is what transforms security tooling output into prioritized, meaningful action across threat modeling, vulnerability management, and supply chain risk. This is a high-impact role for someone who is equally comfortable reading source code, threat modeling a new microservice, and coaching a developer through a secure code review. What You'll Do - Application Security & Secure SDLC - Own and evolve the AppSec program across the entire SDLC — from design reviews to post-deployment monitoring — for web, API, mobile, and shipped product deliverables. - Build and maintain a living model of the product attack surface — mapping trust boundaries, data flows, exposed interfaces, and high-value targets — and use it to drive prioritization across all security workstreams. - Conduct threat modeling and architecture security reviews for new features, services, and product releases across all delivery channels. - Perform manual and automated secure code reviews across multiple languages (e.g. Python, Go, TypeScript, C/C++). - Integrate and tune SAST, DAST, and SCA tooling within CI/CD pipelines (GitHub Actions, Jenkins, or equivalent). - Triage and drive remediation of vulnerabilities surfaced through scanning, bug bounty, and pen tests. - Develop and maintain a library of security standards, patterns, and guardrails applicable across product types. - Third-Party & Supply Chain Security - Own the Software Bill of Materials (SBOM) program — define generation, storage, and consumption processes across all product lines. - Establish and maintain policies for evaluating, onboarding, and continuously monitoring third-party dependencies and open-source components. - Triage and prioritize CVEs and license risks surfaced through SCA tooling, driving timely remediation with engineering teams. - Define processes for responding to upstream supply chain incidents (e.g. compromised packages, malicious dependencies). - Collaborate with procurement and legal to assess security risk of third-party vendors and integrations. - Contribute to industry frameworks and internal standards around software supply chain security (SLSA, NIST SSDF, or equivalent). - Act as a trusted security advisor embedded within product engineering squads. - Lead security training, lunch-and-learns, and developer education initiatives. - Collaborate with the Platform team on secrets management, identity, and access controls. - Work with the GRC function to translate compliance requirements (SOC 2, ISO 27001) into engineering controls. - Incident & Vulnerability Management - Participate in the security on-call rotation and lead security incident response investigations. - Drive root cause analysis and communicate findings clearly to engineering leadership. - Build and maintain metrics and dashboards to track the health of the AppSec program. - Participate as a member of the Cybersecurity council, representing development in the organization. Report weekly on new threat intelligence as it relates to product security, and any actions that are being taken to remediate new findings. Qualifications - 5+ years of experience in security engineering, with a strong AppSec focus. - Hands-on experience with threat modeling frameworks (STRIDE, PASTA, or similar). - Proficiency with common AppSec tooling: Semgrep, Snyk, Burp Suite, OWASP ZAP, or equivalents. - Deep understanding of web application vulnerabilities (OWASP Top 10, API security, auth/authz flaws). - Ability to read and reason about code in at least two languages; prior development experience a plus. - Experience with software supply chain security — SBOM generation and analysis (CycloneDX, SPDX), SCA tooling, and dependency risk management. - Strong written and verbal communication skills — you can explain risk to both engineers and executives. Requirements - Experience with cloud-native environments (AWS, GCP, or Azure) and container/Kubernetes security. - Familiarity with software supply chain frameworks such as SLSA, NIST SSDF, or OpenSSF Scorecards. - Contributions to open-source security tooling or security research. - Relevant certifications: OSCP, CSSLP, GWEB, or similar. Who You Are - Experienced security professional with a strong background in application security and secure software development. - Skilled at threat modeling, secure code reviews, and identifying real-world risks across complex systems. - Knowledgeable in web, API, mobile, and software supply chain security best practices. - Comfortable working with developers to embed security throughout the SDLC. - Proficient with security testing and vulnerability management tools, including SAST, DAST, and SCA solutions. - Strong communicator who can translate technical risks into actionable recommendations. - Collaborative, proactive, and driven to improve both product security and engineering security culture. - Passionate about continuous learning, emerging threats, and helping teams build secure products at scale.

United States
Full TimeRemoteTeam 201-500Since 2015H1B Sponsor

• Build native security controls for Codex • Partner with engineering, design, security, and safety teams to develop controls for: - Identity, roles, permissions, and tenant isolation. - Access to repositories, files, tools, MCP servers, secrets, networks, and infrastructure. - Read, write, execute, and deployment authority. - Human and policy-based approvals. - Prompt-injection and untrusted-content defenses. - Audit trails, provenance, stop conditions, revocation, and rollback. • Help establish a graduated authority model in which local, read-only, and reversible actions require less friction than actions involving production systems, credentials, sensitive data, or irreversible changes. • Develop common, versioned interfaces that allow customer-selected security products to participate in Codex workflows. • Define requirements for authentication, authorization, customer consent, data minimization, and backwards compatibility. • Work directly with security vendors and enterprise design partners to turn interfaces into production integrations. • Create partner SDKs, reference implementations, technical documentation, test environments, conformance suites, and certification requirements. • Define how enterprise administrators configure and understand Codex security controls, including policies, approved security providers, and audit workflows. • Work with teams to test controls under realistic conditions and evaluate risks such as permission bypass and malicious tools.

United States
$293K - $385K / year