Simplesense · 10 hours ago
Information Assurance Engineer
San Antonio, TX
Full-time
Hybrid
Mid, Senior Level
$125K/yr - $155K/yr
7+ years expSimplesense is a non-traditional defense contractor focused on protecting critical infrastructure from cyber attacks. They are seeking an Information Assurance Engineer to support the Risk Management Framework (RMF) process, ensuring system authorizations and maintaining compliance with DoD standards.
Cyber SecurityNational SecurityPublic SafetySecuritySoftware
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Support the full RMF A&A lifecycle to achieve and maintain the system Authority to Operate (ATO) with DOD
Develop, author, and maintain all core A&A documentation (e.g., SSP, system diagrams, ConMon plans) within the system’s eMASS record, ensuring all controls, artifacts, and package details are accurate
Coordinate with key stakeholders, including Information System Owners, ISSMs, external assessors, and the Authorizing Official Designated Representative (AODR), providing strategic guidance and responding to data requests to ensure the success of all Authorization to Operate (ATO) processes
Conduct security assessments, including vulnerability scans, DISA STIG validation, and security control testing. Work with engineering and support teams to facilitate the remediation of identified vulnerabilities and Plans of Action and Milestones (POAMs). In all phases of the RMF process, work to eliminate manual processes with automation
Perform continuous monitoring and incident response by leveraging SIEM tools (e.g., Splunk) for log analysis and dashboard creation, conducting vulnerability scans, proactively investigating potential threats, and updating all compliance documentation
Administer and maintain enterprise security tools and platforms (e.g., SIEM, EDR, vulnerability scanners), ensuring operational integrity, scalability, and alignment with organizational security policies
Provide technical and procedural guidance to engineering and operations staff to ensure secure system design, operation and automation tooling
Prepare for and support government cybersecurity audits by staying current on all evolving DoD policies, including DFARS, CMMC, and NIST guidance
Executed end-to-end incident response (IR) for cyber events, from initial detection and containment to eradication and recovery
Qualification
Required
7+ years of experience with DoD RMF processes
Prior experience as an ISSM/ISSO
Deep understanding of NIST SP 800-53 and cybersecurity control implementation
Experience managing eMASS entries and ATO packages
Strong technical writing and documentation skills
Strong understanding of the DoD Zero Trust Strategy, with the ability to operationalize the pillars of Identity, Devices, Networks, Applications, and Data
Must be a U.S. Citizen and able to obtain a DoD NIPR network account and Common Access Card (CAC)
Must be able to obtain DoD 8570/8140 IAT Level II certification (e.g., CompTIA Security+ CE) within 6 months of hire
Must have, or be able to obtain, a Secret Clearance
Preferred
Based in Denver, CO, San Antonio, TX, and Brooklyn, NY area
Benefits
Equity
Medical, Life, Short-Term Disability, and AD&D insurance
Medical travel coverage
Dental coverage
Vision coverage
401k matching
Company
Simplesense
Rapidly authorize and deploy proven cybersecurity solutions for Industrial Control Systems (ICS) / Operational Technology (OT)
11-50 employees
Funding
Current Stage
Early StageTotal Funding
$1.82MKey Investors
Leonid Capital Partners
2024-03-05Debt Financing
2023-06-13Convertible Note· $1.04M
2020-12-28Seed· $0.3M
Leadership Team
Eric Kanagy
Co-founder and CEO
Company data provided by crunchbase