Information Assurance Engineer
Job Description
Position Overview
Simplesense builds, deploys, and sustains the Installation Resilience Platform that enables mission operators to rapidly adapt and respond. The platform protects critical infrastructure from cyber attack while unlocking previously siloed information to monitor, diagnose, and improve incident response times. As a non-traditional defense contractor and prime on the Air Force’s Installation Resilience Operations Command and Control (IROC) program – now expanding to additional Air Force, Space Force, and Army installations – we combine deep mission experience with technical expertise in DevSecOps, cybersecurity, and cloud infrastructure.
Simplesense is looking for an Information Assurance Engineer to support and execute all aspects of the Risk Management Framework (RMF) process, including planning, executing, and maintaining activities required to obtain and sustain system authorizations under the DoD process.
Compensation: $125,000 - $155,000 per year. Location: Remote with a preference for candidates in Denver, CO; San Antonio, TX; or Brooklyn, NY. Schedule: Locals work 2 days per week onsite; remote team members travel quarterly for team meetings.
Key Responsibilities
- Support the full RMF A&A lifecycle to achieve and maintain the system Authority to Operate (ATO) with DoD.
- Develop, author, and maintain core A&A documentation (e.g., SSP, system diagrams, ConMon plans) within the system’s eMASS record.
- Coordinate with Information System Owners, ISSMs, external assessors, and the Authorizing Official Designated Representative (AODR) to ensure successful ATO processes.
- Conduct security assessments including vulnerability scans, DISA STIG validation, and security control testing while facilitating remediation efforts.
- Perform continuous monitoring and incident response using SIEM tools (e.g., Splunk) for log analysis and dashboard creation.
- Administer and maintain enterprise security tools and platforms (e.g., SIEM, EDR, vulnerability scanners) to ensure operational integrity and scalability.
- Provide technical and procedural guidance to engineering and operations teams for secure system design and automation.
- Prepare for and support government cybersecurity audits by staying current on DoD policies including DFARS, CMMC, and NIST guidance.
- Execute end-to-end incident response for cyber events, from initial detection and containment to eradication and recovery.
Required Qualifications
- Candidates based in the Denver, CO; San Antonio, TX; or Brooklyn, NY area are preferred.
- 7+ years of experience with DoD RMF processes.
- Prior experience as an ISSM/ISSO.
- Deep understanding of NIST SP 800-53 and implementation of cybersecurity controls.
- Experience managing eMASS entries and ATO packages.
- Strong technical writing and documentation skills.
- Solid grasp of the DoD Zero Trust Strategy, including the pillars of Identity, Devices, Networks, Applications, and Data.
- Must be a U.S. Citizen and able to obtain a DoD NIPR network account and Common Access Card (CAC).
- Must be able to obtain DoD 8570/8140 IAT Level II certification (e.g., CompTIA Security+ CE) within 6 months of hire.
- Must have, or be able to obtain, a Secret Clearance.
Benefits & Perks
- Equity
- Medical, Life, Short-Term Disability, and AD&D insurance
- Medical travel coverage
- Dental coverage
- Vision coverage
- 401k matching