Senior Authorizing Official Designated Representative (AODR) Systems Security Engineer

Summary

Join Arlo Solutions as a Senior AODR/SSE and play a pivotal role in supporting the Department of Defense's Chief Digital and Artificial Intelligence Office (CDAO). You will act on behalf of the CDAO Authorizing Official, carrying out security authorization activities and ensuring thorough system security engineering. This role requires expertise in various security frameworks and guidelines, including NIST 800 series, DoDI 8500.01, and DoD RMF. You will partner with the CRA to provide risk determinations and recommendations for the Authorizing Official. The position is full-time remote, with candidates in the Washington DC Metropolitan area preferred. Travel is expected to be approximately 10% to 25%.

Requirements

• Have an active TS Clearance SCI eligible
• Bachelor’s degree in computer science/information technology, or other related degree fields (master’s degree is preferred or at least 10 years of related experience)
• At least 10+ years of cybersecurity experience including a senior technical or management role, Project or Program Management experience a plus
• At least one IAT/IAM or equivalent security certifications ex. CISSP, CCSP, CISM, CISA, or CASP or requisite work experience

Responsibilities

• Work with Programs to develop a comprehensive System Security Engineering (SSE) Body of Evidence (BOE) including artifacts such as Cybersecurity Strategy (CCS), System Security Plan (SSP), Concept of Operations (CONOPS), Incident Response Plan (IRP), Cyber Technology Orders, and Cybersecurity Plans
• Provide senior advisory support to CDAO AO regarding authorizations of CDAO capabilities
• Utilize expert knowledge and experience regarding risk management strategies in support of a major DoD program
• Provides cloud security architecture and DoD compliance advisory support
• Using excerpt knowledge and experience to provide Risk Management strategies
• Evaluate threats and vulnerabilities to determine whether additional safeguards are needed
• Collaborate between the AO and the program as well as CDAO senior leadership (focusing on creating metrics, tracking authorizations, etc.)
• Provide independent risk analysis and recommendation on the risk as well as the authorization
• Providing support regarding the agile authorization and OVL processes
• Collaborate between the AO and the ISSM as well as Program leadership
• Identify the security baseline based on the mission and security impacts to the system
• Determine assessment criteria, develop, review, and create a plan to assess the security requirements
• Develop strategies and briefing materials identifying, evaluating, and mitigating potential risks that may impact the organization's operations, assets, or reputation utilizing Systems Security Engineering principles
• Author and present briefs regarding status of authorizations to AO and other senior Government officials
• Provides security architecture and DoD compliance advisory support
• Perform other duties as assigned or required

Preferred Qualifications

• Strong clients focus and commitment to continuous improvement, ability to proactively network and establish relationships
• Manage multiple priorities in a high-paced and fast-changing environment
• Experience supporting and assessing risks within a CI/CD DevSecOps environment. Key areas of experience would include data mesh, data orchestration, control gates review, and vulnerability management within a pipeline
• Expansive knowledge with integrating IaaS, PaaS, and SaaS offerings into government cloud environments (i.e. AWS, AZURE & GCP). Experience would include cloud compute, cloud storage, cloud native solutions, cloud data transfer, Cross Domain Solutions, and cloud networking
• Experience assessing STIGs, Cloud Compliance Guides, Shares responsibility models, and System Mission Owner responsibilities within Government Cloud Environments
• Experience working with OSD leadership or Military component or branch
• Expert understanding of NIST 800 series guidelines, DoDI 8500.01, DoD 8140.03, rISO 27001, COBIT, DoD RMF, OVL, and current cybersecurity best practices
• Excellent communication/presentation skills briefing senior military and government civilian leadership
• Experienced with writing policies, guides, procedures
• Experience in hands on with eMASS, Xacta and/or other GRC tools
• Experience with Federal and FedRamp A&A Processes
• Experienced and comfortable advising at the Senior Executive Service (SES) level of customers

Benefits

Full time remote