Responsibilities
- Support the development and maintenance of system security documentation including System Security Plans (SSPs), Security CONOPs, hardware/software baselines, and standard operating procedures (SOPs).
- Ensure all assigned information systems operate in accordance with established ATOs and applicable government security requirements (NIST RMF, ICD 503, JSIG, DAAPM).
- Monitor system configurations and enforce compliance with approved baselines; document and report any deviations to the ISSM.
- Assist in the preparation and submission of security authorization packages and support AO review activities.
- Execute routine audit log reviews, account management checks, and security event monitoring across assigned systems.
- Conduct and analyze vulnerability scans using ACAS/Nessus and SCAP tools; triage findings and track remediation to closure.
- Apply and validate DISA STIG/SRG configurations on Windows, Linux (RHEL/CentOS), and network devices; document compliance status.
- Maintain and update Plan of Action & Milestones (POA&Ms); coordinate with system owners and administrators to remediate open findings.
- Support SIEM integration efforts and contribute to development of alerting thresholds and use cases.
- Identify, document, and report security incidents and anomalies in accordance with program and government reporting timelines.
- Conduct initial triage of potential security violations; preserve evidence and coordinate with the ISSM and FSO for escalation as required.
- Participate in lessons-learned reviews following incidents and contribute to improvement of security procedures.
- Brief incoming personnel on program security requirements, acceptable use policies, and information handling procedures.
- Conduct periodic security reminders, refresher training, and spot checks to reinforce security awareness among program staff.
- Serve as the first point of contact for user security questions, access requests, and account provisioning/de-provisioning activities.
- Review hardware, software, and firmware change requests for security impact; document assessments and provide recommendations to the ISSM.
- Maintain accurate and current hardware/software inventories and media control logs for all assigned systems.
- Coordinate with system administrators to ensure patching schedules align with security requirements and authorization conditions.
Requirements
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field. Equivalent combination of education and experience considered.
- 3+ years of experience in information security or IT, with at least 1–2 years in an ISSO, security analyst, or equivalent role supporting classified U.S. Government systems.
- Hands-on experience with RMF-based system authorization activities (ICD 503, JSIG, or DAAPM) at the Secret or TS/SCI level.
- Working knowledge of ACAS/Nessus, SCAP Compliance Checker, and DISA STIGs.
- Familiarity with Windows Server and/or RHEL/CentOS administration in classified environments.
- Experience conducting audit log reviews, account management, and POA&M tracking.
- IAT Level II or IAM Level II certification required: Security+, CySA+, CAP, CASP+, or equivalent (IAW DoD 8570.01-M / DoD 8140).
- Active Secret clearance required at time of hire; TS/SCI eligibility preferred or required depending on program assignment.
Nice to Have
- Experience supporting Special Access Programs (SAPs) or SCI compartmented programs.
- Familiarity with Xacta, eMASS, or equivalent GRC/authorization management platforms.
- Knowledge of cross-domain solution (CDS) environments or Type 1 encryption device administration.
- Experience with SIEM platforms (Splunk, ArcSight, or similar) in a classified environment.
- Exposure to CMMC Level 2/3 requirements or CUI handling in defense contractor settings.
- Additional certifications: CISSP (Associate), CEH, GCIH, or equivalent.
Benefits
- Medical, dental, and vision benefits 100% paid for by the company
- 401k (+ 50% company match up to 6% of pay)
- FSA
- HSA
- life insurance
- Free daily lunch
- ‘No meeting Fridays’
- unlimited PTO
- casual dress code
- Competitive base salaries
- generous pre-IPO stock option grants
- relocation assistance
- (coming soon!) annual bonuses
Work Arrangement
Hybrid — Los Angeles, Washington, D.C., San Francisco, San Diego, Seattle, London
Team
Team size: 250 employees and counting. Structure: global offices
Additional Information
- Active Secret clearance required at time of hire
- TS/SCI eligibility preferred or required depending on program assignment
- Relocation assistance available