540 is hiring a
Senior Security Specialist

Summary

Join us at 540 as we seek a Senior Security Specialist to help the federal government #GetShitDone. The successful candidate will have experience obtaining an ATO from start to finish, RMF, creating RMF artifacts, and working with multiple technical teams.

Requirements

• 6+ years of relevant experience in cybersecurity, particularly within the DoD / Army
• CompTIA Security+ certification
• Ability to obtain Certified Information Systems Security Professional (CISSP) certification or other recognized security accreditation
• Demonstrated experience in the delivery of security documentation to achieve Authorization to Operate (ATO)
• Strong knowledge of RMF (Risk Management Framework), NIST SP 800-53, and related cybersecurity standards
• Experience managing Army eMASS records and coordinating inherited controls from cARMY and other control sources
• Ability to provide security subject matter expertise to development and architecture teams, ensuring alignment with security posture and guidelines
• Proficient in POA&M (Plan of Actions & Milestones) management
• Expertise in implementing and maintaining system security policies, procedures, and documentation in accordance with DoD and Army cybersecurity requirements
• Proficiency in conducting risk assessments, vulnerability scans, and continuous monitoring to ensure systems are secure and compliant with RMF
• Experience developing, updating, and enforcing Information Assurance (IA) documentation, such as System Security Plans (SSP) and POA&Ms
• Excellent communication skills to serve as the primary liaison between technical teams and stakeholders for all security-related issues
• Ability to stay current with cybersecurity threats and adjust security measures as needed
• Hands-on experience supporting system accreditation processes (ATO/C&A) for information systems
• Capability to lead or assist in security awareness training for project teams
• Strong collaboration skills to work with technical staff on the implementation and maintenance of security controls throughout the project lifecycle
• Ability to respond to security incidents quickly and mitigate them in a timely manner
• Experience with security assessment and sign-off on system releases

Preferred Qualifications

• Experience working with the federal government, specifically with the Department of Defense (DoD) and the Army
• RMF 2.0 experience
• Knowledge of DoD STIGs, STIG vulnerabilities, and remediation strategies
• Experience delivering Continuous ATO
• Knowledge of security concerns for delivering on commercial cloud platforms (specifically AWS)

Benefits

• 100% covered health, dental and vision premium for employees, optional dependent coverage
• Flexible Spending Account (FSA)
• 401k with employer match
• Company Sponsored Life Insurance, Short and Long Term Disability coverage
• Flexible PTO + all Federal holidays off
• Home Office allowance
• Reimbursement for trainings / certifications
• Paid AWS Developer account
• Macbook Pro
• Referral Bonus - good people know good people
• Annual Social Events (540 week, hackathon, holiday party, charity golf tournament, etc.)
• Access to 540’s Washington Capitals tickets