CyberSecurity Lead

540 is looking for a CyberSecurity Lead to help the federal government #GetShitDone. The CyberSecurity Lead is responsible for the overall security posture for multiple, disparate tools that have been identified by the Air Force’s Rapid Sustainment Office (RSO) for prototyping and scaling across the Air Force Enterprise. A successful candidate will have experience in leading cybersecurity teams, monitoring system operations, hardware and software for vulnerabilities and working with the operations team and development teams to remediate findings, manage any POAMs and maintain the Interim Authority to Test while progressing towards Authorization to Operate. 

Location: Remote within the continental United States, East Coast working hours with some flexibility afforded. Occasional travel may be required (up to 1x per month)
Citizenship & Clearance Requirement: per client requirements, must be a US Citizen with the ability to obtain a DoD Secret (or higher) clearance
Education Requirement: Bachelor’s Degree in Computer Science or related engineering field (preferred)
540 Internal Thrive Level: Senior Security Specialist

WHY 540?

540 is a forward-thinking company that the government turns to in order to #GetShitDone. We do more than talk about it, we break down barriers to innovation and build impactful tech. We’re looking for someone with big ideas, who thrives on innovation and is a self-starter. If you love to learn about and work with new technologies, we want to talk to you.

REQUIRED SKILLS & EXPERIENCE

• 6+ years of relevant experience
• Certified Information Systems Security Professionals (CISSP), or ability to obtain within six months of onboarding. Certification must be maintained throughout employment
• Experience leading a team through the entire ATO process on a federal / DoD project / program. A #GetShitDone mentality is a must
• ATO Re-Accreditation
• Knowledge of security concerns for delivering on commercial cloud platforms
• Deep knowledge of DoD IATT and ATO processes
• Job Responsibilities for each tool going through the RSO pipeline, including, but not limited to:
• Delivery of Security Documentation to suggest / achieve IATT and ultimately ATO
• Security Reporting
• Incident Response Management
• Providing security subject matter expertise to development and architecture teams to ensure new feature development aligns with security posture and guidelines
• POA&M Management
• Security assessment and signoff on releases
• Collaboration with numerous delivery teams working on disparate RSO Pipeline Tools to prioritize and remediate security findings
• Knowledge of DoD STIGs, STIG vulnerabilities, and remediation strategies
• Experience writing cybersecurity test plans

 NICE TO HAVE SKILLS & EXPERIENCE

• Experience working with GCP and Assured Workloads
• Experience with authorizing systems using a BCAP
• Personal coding and/or DevOps experience
• Experience using code scanners
• Experience managing a Jira project

BENEFITS & PERKS

• 100% covered health, dental and vision premium for employees, optional dependent coverage
• Flexible Spending Account (FSA)
• 401k with employer match
• Company Sponsored Life Insurance, Short and Long Term Disability coverage
• Flexible PTO + all Federal holidays off
• Home Office allowance
• Reimbursement for trainings / certifications
• Paid AWS Developer account
• Referral Bonus - good people know good people
• Annual Social Events (hackathon, holiday party, charity golf tournament, etc.)
• Access to 540’s Washington Capitals tickets

EQUAL EMPLOYMENT OPPORTUNITY (EEO)

540's policy is to provide equal employment opportunity to all employees and applicants for employment and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state or local laws.

This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation and training.