Talent.com
Senior Cybersecurity Engineer - Compliance & Risk Management
Senior Cybersecurity Engineer - Compliance & Risk ManagementHuman Resources Research Organization • Alexandria, VA, United States
Senior Cybersecurity Engineer - Compliance & Risk Management

Senior Cybersecurity Engineer - Compliance & Risk Management

Human Resources Research Organization • Alexandria, VA, United States
3 hours ago
Job type
  • Full-time
Job description

Senior Cybersecurity Engineer - Compliance & Risk Management

The Human Resources Research Organization (HumRRO) is a non-profit leader in developing high-impact services and products in the arenas of employment, military, student testing, and professional credentialing and licensure. We work with federal and state government agencies, private sector organizations, and professional associations.

About the Organization

As a non-profit, HumRRO is dedicated to work that contributes to science and society. Our employees enjoy a highly collaborative and supportive environment that fosters innovation, ethical practice, and outstanding customer service. Our core operational staff includes Industrial-Organizational Psychologists, Educational Researchers, and Behavioral Science Consultants.

About the Job

We are seeking a Senior Cybersecurity Engineer to lead our enterprise compliance and security programs across federal, state, and private sector engagements. This role manages multiple compliance frameworks including CMMC, FedRAMP, SCRM, NIST 800-171 / 53, and ISO 27001 : 2022 regulatory requirements. You will work on compliance standards across hybrid cloud environments while leading a team of junior engineers conducting vulnerability assessments and security scanning operations. A significant portion of this role involves creating security documentation, developing compliance policies, responding to time-critical security requirements from clients, and managing third-party compliance audits.

As a Senior Cybersecurity Engineer, you will :

  • Lead enterprise cybersecurity compliance programs (CMMC, FedRAMP, SCRM, NIST frameworks, ISO 27001 : 2022)
  • Manage monthly compliance reporting and KPI dashboards for executive leadership
  • Coordinate third-party compliance audits (NIST 800-171, CMMC, ISO 27001, FedRAMP) and remediation activities
  • Maintain compliance evidence catalogs and SaaS compliance implementation controls
  • Evaluate and implement security controls across software applications and cloud platforms AWS, Azure, and Office 365
  • Oversee Risk Management Framework (RMF) processes for government contract organizations as well as applications in the DoD space (ATO / IATT / IATO documentation)
  • Conduct weekly Plan of Action and Milestone (POA&M) reviews and monthly security assessments
  • Develop and maintain security policies, procedures, and technical standards
  • Lead vulnerability management programs & conduct security assessments and penetration testing coordination
  • Manage business continuity of operations (COOP) program including disaster recovery and crisis management plans
  • Lead incident response and security event investigation
  • Mentor and manage junior cybersecurity engineers and analysts
  • Interface with federal agencies, auditors, and compliance assessors
  • Work with system architects for security requirements on existing cloud workloads, cloud migrations and / or hybrid environments
  • Facilitate and oversee completion of all customers' cyber security questionnaires and qualifications with time-critical deadlines
  • Coordinate with HumRRO Contracts Division on written responses to RFPs regarding IT security, controls, data privacy and regulatory compliance
  • Assist with implementation and administration of cybersecurity supply chain risk management (C-SCRM) program
  • Develop compliance documentation and security narratives for proposals
  • Support business development with technical security expertise
  • Serve as subject matter expert on internal security controls and regulations

Minimum Requirements :

  • US Citizen with ability to obtain / maintain security clearance
  • Work on-site at Alexandria VA (Up to 2 remote days possible after 90-day introductory period)
  • Bachelor's degree in Cybersecurity, Computer Science, or equivalent field. Work experience may be considered in lieu of degree
  • 7+ years of cybersecurity engineering and compliance experience
  • 5+ years of enterprise experience managing Risk and Compliance efforts including multiple regulatory and standard security frameworks
  • Existing Security+ certification or the ability to obtain within 6 months (CISSP, CCSP, or CISM preferred)
  • Deep expertise in NIST 800-171, 800-53, RMF, and DoD compliance frameworks
  • Hands-on experience with CMMC and FedRAMP authorization processes
  • Proficiency in Office 365 security configuration and management
  • Experience with vulnerability scanning tools (e.g. ACAS, Nessus, Rapid7, Qualys or equivalent)
  • Strong analytical and information gathering skills with ability to work multiple tasks simultaneously under short deadlines
  • Excellent communication skills for stakeholder engagement

    • Preferred :

  • Active DoD clearance
  • Experience in the nonprofit sector managing IT or related activities
  • CMMC Certified Professional (CCP) or CMMC Certified Assessor (CCA)
  • Experience with FedRAMP 3PAO assessments
  • Knowledge of Supply Chain Risk Management (SCRM) frameworks
  • AWS certifications (Solutions Architect, Security Specialty preferred)
  • Experience with DevSecOps pipeline integration and IAC
  • CISSP, CCSP, CISM, or CISSP-ISSAP certifications
  • Knowledge of DoD STIG implementation and automated compliance tools
  • Federal contracting and audit experience
  • Experience with Atlassian suite (Jira, Confluence)
  • Experience with eMASS package development and continuous monitoring activities
  • Experience with STIG implementation and SCAP compliance validation
  • Experience with bi-annual COOP testing and crisis management plan development
  • Leadership experience managing technical teams
  • People Management Experience is a plus

    • The anticipated salary for this role is $100,000 to $155,000. Specific salary offers are based on candidate qualifications and experience.

    Benefits :

  • Health, dental and vision insurance
  • Life insurance equal to 2x annual salary
  • Retirement plan with company matching
  • Paid professional development and certification maintenance
  • Tuition reimbursement
  • 12 weeks of paid parental leave
  • Generous paid time off and 10 paid holidays

    • All qualified applications will receive consideration without regard to race, color, religion, sex, national origin, age, marital status, sexual orientation, veteran status, medical condition, or disability. EEO / Vet / Disabled.

    Named one of "50 Great Places to Work" by Washingtonian magazine and one of "Top Workplaces" by The Washington Post.

    Create a job alert for this search

    Senior Cybersecurity Engineer • Alexandria, VA, United States

    Related jobs
    Cybersecurity Engineer Senior

    Cybersecurity Engineer Senior

    InstantServe LLC • Washington, DC, United States
    Full-time
    Engineering, Cybersecurity, Networking, security operations center, security monitoring and incident response.Information security experience with a focus on network, application, and architecture....Show more
    Last updated: 10 hours ago • Promoted • New!
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    Humana • Washington, DC, United States
    Full-time
    Become a part of our caring community and help us put health first.The Senior CyberSecurity Engineer develops and tests information security tools, applications, and system solutions deployed in Hu...Show more
    Last updated: 1 day ago • Promoted
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    Dark Wolf Solutions • Chantilly, VA, United States
    Full-time
    The successful candidate willdesign, implement, and manage security measures to protect information systems from unauthorized breaches and cyber threats. They will ensure the confidentiality, integr...Show more
    Last updated: 23 hours ago • Promoted
    Senior Cybersecurity Engineer - Cyber Governance (HYBRID)

    Senior Cybersecurity Engineer - Cyber Governance (HYBRID)

    GEICO • Chevy Chase, MD, United States
    Full-time
    At GEICO, we offer a rewarding career where your ambitions are met with endless possibilities.Every day we honor our iconic brand by offering quality coverage to millions of customers and being the...Show more
    Last updated: 22 hours ago • Promoted • New!
    Senior Cybersecurity Engineer - Management (RapidScale) in College Park

    Senior Cybersecurity Engineer - Management (RapidScale) in College Park

    Energy Jobline ZR • College Park, MD, United States
    Full-time
    Energy Jobline is the largest and fastest growing global Energy Job Board and Energy Hub.We have an audience reach of over 7 million energy professionals, 400,000+ monthly advertised global energy ...Show more
    Last updated: 3 hours ago • Promoted • New!
    Cybersecurity Engineer - Senior

    Cybersecurity Engineer - Senior

    Spear AI • Washington, DC, United States
    Full-time
    Spear AI is a growing defense contracting company dedicated to delivering cutting‑edge solutions that support our nation's security. As we expand, we're building a culture where innovation meets mis...Show more
    Last updated: 8 days ago • Promoted
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    E-Solutions • Washington, DC, United States
    Temporary
    We are currently seeking a highly skilled Senior Cybersecurity Engineer for a 12+ month contract opportunity with our Randstad client in Washington, DC. The ideal candidate will bring in-depth exper...Show more
    Last updated: 18 hours ago • Promoted • New!
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    Accenture Federal Services • Washington, DC, United States
    Full-time
    At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared pu...Show more
    Last updated: 23 hours ago • Promoted
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    RPI Group Inc • Dahlgren, VA, US
    Full-time
    Contract Task Lead / Cybersecurity Lead.Navy customer at Dahlgren NSWC, VA.Develop cybersecurity requirements, policy standards, best practices, guidance, and procedures for combat systems.Conduct ...Show more
    Last updated: 30+ days ago • Promoted
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    Travere Therapeutics • Washington, DC, United States
    Full-time
    Location : San Diego, USA - Remote.Be a part of a global team that is inspired to make a difference in the lives of people living with rare disease. Travere Therapeutics recognizes that exceptional e...Show more
    Last updated: 5 days ago • Promoted
    Senior Cybersecurity Engineer ISSO

    Senior Cybersecurity Engineer ISSO

    Cubic • Fort Meade, MD, United States
    Full-time
    When you join Cubic, you become part of a company that creates and delivers technology solutions to make people's lives easier by simplifying their daily journeys, and defense capabilities to help ...Show more
    Last updated: 22 hours ago • Promoted • New!
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    LTS • Washington, DC, United States
    Full-time
    This role is critical in the design, implementation, and maintenance of security solutions, policies, standards, and procedures that safeguard the department's information systems and networks.The ...Show more
    Last updated: 30+ days ago • Promoted
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    BluestoneLogic • Fort Meade, MD, United States
    Full-time
    We are looking for energetic cybersecurity engineers to harden and accredit digital products for our defense customers.We're using our human-centered design approach to modernize and secure their l...Show more
    Last updated: 23 hours ago • Promoted
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    Accenture • Washington, DC, United States
    Full-time
    At Accenture Federal Services, nothing matters more than helping the US federal government make the nation stronger and safer and life better for people. Our 13,000+ people are united in a shared pu...Show more
    Last updated: 1 day ago • Promoted
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    ManTech • Washington, DC, United States
    Full-time
    Responsibilities include but are not limited to : .Reviewing testing and validation to ensure system functionality and compliance with security standards. Developing technical documentation including ...Show more
    Last updated: 30+ days ago • Promoted
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    Maveris • Washington, DC, United States
    Full-time +1
    Senior Cybersecurity Engineer .Qualified candidates must be US citizens and able to obtain a minimum of a Public Trust clearance . Maveris is an IT and cybersecurity services company committed to he...Show more
    Last updated: 1 day ago • Promoted
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    ManTech International Corporation • Washington, DC, United States
    Full-time
    Shape the future of defense with MANTECH! Join a team dedicated to safeguarding our nation through advanced tech and innovative solutions. Since 1968, we’ve been a trusted partner to the Department ...Show more
    Last updated: 23 hours ago • Promoted
    Senior Cybersecurity Engineer

    Senior Cybersecurity Engineer

    Leidos • Reston, VA, United States
    Full-time
    Join our dynamic team at Leidos as a Senior Cybersecurity Engineer, where you will play a pivotal role in safeguarding our government contract operations. We seek a proactive professional who excels...Show more
    Last updated: 3 hours ago • Promoted • New!