Key skills
AWSCloudCyber SecurityAILLMIAMSAPCI/CDLeadershipRisk ManagementCommunicationRemote WorkCloud Security
About this role
Role Overview
- Lead Risk Management Framework (RMF) activities for the LIGER deployment at CBP, including system categorization, control selection and tailoring, implementation, assessment, and continuous monitoring
- Own and maintain authorization artifacts: System Security Plan (SSP), Security Assessment Plan (SAP), Security Assessment Report (SAR), Plan of Action and Milestones (POA&M), and supporting documentation aligned to CBP and DHS requirements
- Coordinate directly with CBP ISSOs, Authorizing Officials, and cyber working groups to advance ATO and continuous authorization activities
- Interpret NIST 800-53 controls in the context of the LIGER platform and translate them into actionable engineering requirements
- Run and review vulnerability scans across CI/CD pipelines and runtime environments, triage findings, and drive remediation through the engineering team
- Validate secure configurations and hardening baselines (e.g., CIS Benchmarks, DISA STIGs) on containers, hosts, and cloud resources
- Partner with platform engineers on cloud and container security in AWS GovCloud, including IAM, network controls, secrets management, logging, and runtime protection
- Develop and maintain security policies, procedures, and standard operating procedures (SOPs) specific to LIGER on CBP infrastructure
- Track audit findings, remediation actions, and POA&M items to closure
- Support FedRAMP-aligned control implementation and inheritance where applicable
- Advise senior LIGER and CBP leadership on system risk levels, control effectiveness, and emerging compliance considerations for AI/LLM systems in federal environments.
Requirements
- Active Secret clearance and the ability to obtain a CBP Background Investigation; U.S. citizenship is required.
- Bachelor’s degree in Cybersecurity, Computer Science, Information Systems, or a related field
- 5+ years of experience designing, implementing, and monitoring cybersecurity solutions in federal environments
- 5+ years of hands-on RMF experience, including ATO development and continuous monitoring against NIST 800-53
- CISSP, CISM, or equivalent senior-level cybersecurity certification
- Strong working knowledge of cloud security, particularly AWS, with experience in GovCloud or similar high-compliance environments
- Experience with vulnerability management workflows: scanning, triage, remediation tracking, and reporting
- Experience hardening systems against secure baselines such as CIS Benchmarks or DISA STIGs
- Familiarity with secure software development practices: secrets management, access control, auditability, and CI/CD pipeline security
- Strong written communication skills, including the ability to produce ATO artifacts that hold up to assessor and AO review
- Ability to translate compliance requirements into specific engineering work and partner closely with developers.
Tech Stack
- AWS
- Cloud
- Cyber Security
Benefits
- Health insurance
- 401(k) matching
- Flexible work hours
- Paid time off
- Remote work options