AGE Solutions LLC logo
AGE Solutions LLC

#betterwithage

Senior Security Control Assessor

Security EngineerSecurity EngineerFull TimeRemoteSeniorTeam 51-200Since 2021H1B No SponsorCompany SiteLinkedIn

Location

United States

Posted

4 days ago

Salary

$90K / year

Seniority

Senior

Job Description

Senior Security Control Assessor

AGE Solutions LLC

Role Description AGE Solutions is looking for a Security Control Assessor, Senior to join our team in support of a cybersecurity risk management and assessment program with our DoD customer. The Assessors will be part of a project team responsible for Cybersecurity Assessments and Authorization (A&A), Risk Management, Information Assurance (IA) Support, and Risk Adjudication and Connection services. - Conduct cybersecurity assessments, audits, and inspections for DoD organizations and partners handling DoD information or connecting to the DoDIN. - Evaluate systems and Defensive Cyberspace Operations using cyber threat emulation and performance-based testing. - Adhere to policies and processes for each assessment type. - Support assessment development and execution to ensure security expertise is properly applied. - Coordinate logistics, test plans, and scope with the SCA Team Lead. - Perform vulnerability assessments, capture results using STIG Viewer or designated tools, and document findings in eMASS. - Analyze security gaps and provide mitigation recommendations. - Validate cybersecurity controls, TTPs, STIGs, RMF controls, and compliance with DoD policies and guidelines. - Provide risk analysis and assessment results for authorization recommendations. - Participate in daily assessment reviews, in-briefs, and out-briefs, sharing findings with the SCA-R. - Mentor and guide personnel by providing technical expertise, best practices, and professional development support to enhance team capabilities and knowledge. Qualifications - Bachelor's degree (IT-related field preferred). - Eight (8) years of overall experience in cybersecurity or network security position. - Five (5) years of experience in a Certification and Accreditation/A&A role. - Have an active DoD Top Secret clearance with SCI eligibility. - DoD 8570 IAM/IA Technical (IAT) Level II certification. - Demonstrated experience with STIGs (Security Technical Implementation Guides), Security Requirement Guides (SRGs), Plan of Action and Milestones (POA&Ms) and cybersecurity best practices. - Advanced understanding of the RMF process, NIST SP 800-37, NIST SP 800-53, CNSSI 1253. - Demonstrated experience with relevant tools such as eMASS, STIG Viewer, Nessus, ACAS, SCAP, or HBSS. - Advanced understanding of key technologies areas/domain such as: Network, Mobility, Windows, UNIX, Cloud Environments and Cloud Native Tools/Services, Host Based Security System (HBSS)/Endpoint Security Solutions (ESS), Databases, Applications. - Strong written and verbal communication skills for reporting assessment findings. Requirements - This is a remote role requiring approximately 85% travel, Local, CONUS and OCONUS. - Candidates must possess a valid U.S. Passport or have the ability to obtain one in a timely manner. - Strong preference will be given to candidates who currently reside in the DMV (Washington, DC, Maryland, Virginia) region or Pennsylvania, or who are willing to relocate to one of these areas to support customer requirements and team collaboration activities. Benefits - 26 Days Paid Leave: Includes vacation, sick, personal time, and holidays. You choose how to use it. - Performance Bonuses: Performance bonuses are awarded based on individual contributions and company-wide results, aligning recognition with impact. - 401(k) with Match: We match 3% of your contributions with immediate vesting. - Financial Protection: Company-paid life insurance up to $300K and options for additional coverage for you and your dependents. - Health Benefits: Multiple medical plans, dental, vision, FSA and HSA options to fit your needs. - Parental Leave: 15 days of fully paid leave for new parents, because family matters. - Military Differential Pay: We bridge the gap for employees on active duty, so they don’t take a financial hit while serving. - Professional Growth: Paid training and certifications, tuition reimbursement, and the tools and tech to get the job done right. - Shared Success: In the event of a company sale, our CEO has committed to returning 80% of net proceeds to employees. This ensures our team shares in the long term value they help create.

Related Categories

Related Job Pages

More Security Engineer Jobs

Role Description Working directly with the CTO, you'll own security, infrastructure ops, and reliability across Rise's cloud, application, and on-chain surfaces. This is a builder's role, not a purely advisory one - you'll harden what exists, design what's missing, and be the person the team turns to when security and infrastructure questions come up. This is a hands-on role: you'll run the day-to-day infrastructure operations behind our code releases and keep our production infrastructure healthy, available, and secure. - End-to-end accountability for the infrastructure, on a mostly serverless stack designed to keep operational overhead low. - Opportunity to define the security and infrastructure function and build a team beneath you as Rise grows. Qualifications - 8+ years in DevOps / infrastructure / SRE, with significant security engineering ownership. - Deep, hands-on Google Cloud Platform experience (Cloud Run, IAM, networking, BigQuery, logging/monitoring, SecOps, SCC). - Strong security fundamentals: IAM and least privilege, secrets/key management, network security, incident response, and vulnerability management. - Production experience with Ethereum / EVM - wallets, key management, transaction signing, and smart-contract interaction. - Comfort in a Node.js / TypeScript and MySQL environment. - Hands-on Cloudflare experience (WAF, DNS, edge security, Pages). - Infrastructure-as-code and CI/CD fluency. - Proven incident-response track record. Requirements - Authorized to work in the United States and U.S.-based. Benefits - Base salary: $170,000–$210,000. - Meaningful equity in a growing company. - Unlimited PTO and a flexible work schedule - we care about outcomes, not hours. - 401(k) with a 3% company grant. - Fully remote within the United States.

United States
$170K - $210K / year
Snowflake logo

Staff Security Engineer – Enterprise Security

Snowflake

Snowflake delivers the AI Data Cloud to help organizations share data, build apps and power their business with AI.

Full TimeRemoteTeam 5,001-10,000Since 2012H1B Sponsor

• Develop, maintain, and scale Snowflake's endpoint security solutions • Build intelligent security platforms and automate security operations using AI • Monitor security events, investigate incidents, and build real-time detection and prevention systems • Conduct regular risk and threat analyses to proactively identify vulnerabilities • Develop and implement unified security policies and procedures • Partner across Security, Engineering, IT, and Product to define endpoint security strategy • Establish and uphold the highest standards for security engineering.

California + 1 moreAll locations: California | Washington
$211K - $303.6K / year
DraftKings Inc. logo

Staff Security Engineer, AI

DraftKings Inc.

Defining what it means to build and deliver the most extraordinary sports & entertainment experiences.The Crown is Yours

Full TimeRemoteTeam 1,001-5,000Since 2012

At DraftKings, AI is becoming an integral part of both our present and future, powering how work gets done today, guiding smarter decisions, and sparking bold ideas. It's transforming how we enhance customer experiences, streamline operations, and unlock new possibilities. Our teams are energized by innovation and readily embrace emerging technology. We're not waiting for the future to arrive. We're shaping it, one bold step at a time. To those who see AI as a driver of progress, come build the future together. The Crown Is Yours We're seeking a Staff Security Security Engineer to join our growing security team focused on ensuring our use of emerging technology at DraftKings is done safely and securely, relying on deep technical expertise and knowledge to assess how to safely connect and deploy new workflows, processes, and technologies. To do this you will work strategically, influencing the company's overall security posture, architecture, and roadmap in a variety of domains. You'll work with product, engineering and research teams to build and deploy tooling that will help the business connect different services and data together. You'll explain your work to a broad audience spanning from individual contributors in a variety of departments to senior leadership. The team you're joining is cross-disciplinary, driven, supportive, and global. Each member brings unique, respected perspectives whether they just joined or were founding team members. What you'll do as a Staff Security Engineer - Set the security standards and guardrails for the AI platform. Define the principles, reference architectures, and policy-as-code that all AI tooling at DraftKings adheres to, so that many teams can build agents and workflows while still meeting a consistent security bar. Focus on specifying the environment, infrastructure, and authentication methods agents rely on, rather than reviewing every individual implementation. - Review and build the architecture of AI gateways and tooling. Provide security review, sign-off, and possibly pair on implementation of these systems, and the systems that they interface with. - Make the security review process scale. Streamline how AI services move through InfoSec review on their way to production, so the bar stays high but does not become the bottleneck. - Reduce AI-driven security noise. Partner with platform and detection teams on telemetry (tool-call metrics, auditing agents over that data) and on lightweight controls like standardized system prompts that cut unnecessary investigations without slowing engineers down. - Drive remediation efforts of complex, cross-functional security issues. When relevant, you'll be called into investigations to assist. - Coach and raise the bar. Mentor security and platform engineers, lead technical and SME discussions on AI security, and elevate the team's overall capability in this space. What you'll bring - 7+ years experience in engineering - building and operating systems in production. - 5+ years experience contributing and advising on security design. - Broad security fluency across infrastructure and enterprise security - endpoint protection, network security, identity, SaaS tools, and cloud security - even if your deepest expertise is in application and product security. - Deep hands-on ability to debug systems issues. We're comfortable hacking on things to solve security problems, so long as we can unlock functionality and make it usable for the organization. - Experience writing high quality code in a typed and untyped programming language. - Excellent collaboration and communication skills - you can align engineering, platform, privacy, legal, and leadership stakeholders, and you bias toward enabling teams rather than blocking them. - Ability to manage competing priorities and thrive in a fast-paced, dynamic environment. Join Our Team We're a publicly traded (NASDAQ: DKNG) technology company headquartered in Boston. As a regulated gaming company, you may be required to obtain a gaming license issued by the appropriate state agency as a condition of employment. Don't worry, we'll guide you through the process if this is relevant to your role. The US base salary range for this full-time position is 160,700.00 USD - 200,900.00 USD, plus bonus, equity, and benefits as applicable. Our ranges are determined by role, level, and location. The compensation information displayed on each job posting reflects the range for new hire pay rates for the position across all US locations. Within the range, individual pay is determined by work location and additional factors, including job-related skills, experience, and relevant education or training. Your recruiter can share more about the specific pay range and how that was determined during the hiring process. It is unlawful in Massachusetts to require or administer a lie detector test as a condition of employment or continued employment. An employer who violates this law shall be subject to criminal penalties and civil liability.

United States
$160.7K - $200.9K / year
Full TimeRemoteTeam 501-1,000H1B No Sponsor

Role Description Aretum is seeking a Senior Security Controls Assessor. As a Senior Security Controls Assessor, you will be responsible for conducting comprehensive security assessments of information systems to ensure compliance with applicable security controls and regulations. Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements. Responsibilities - Independently perform all aspects of the security controls assessment in alignment with NIST 800-53 Revision 5 - Ensure comprehensive understanding and application of ATO documentation requirements - Coordinate all aspects of testing with relevant stakeholders and team lead - Develop a security assessment plan with input from stakeholders - Conduct and lead assessment interviews and tests and manage evidence - Provide insightful recommendations to improve security posture - Minimum of 3 years leading security controls assessments - Experience performing assessments while supporting the federal government - Proficient understanding of NIST RMF - Expertise in NIST 800-53 Rev 5 - Understanding of the ATO process - Strong communication and task management skills Qualifications - BA/BS degree, Information Security or Related - Certifications: CISSP, CISM, CISA, or equivalent - CSAM/JCAM Experience Requirements - This is a remote position; however, occasional travel may be required based on project needs, client meetings, team collaboration events, or training sessions. - Travel is expected to be less than 10% and will be communicated in advance whenever possible. Benefits - Health Care Plan (Medical, Dental & Vision) - Retirement Plan (401k) - Life Insurance (Basic, Voluntary & AD&D) - Paid Time Off - Family Leave (Maternity, Paternity) - Short Term & Long-Term Disability - Training & Development

United States