Full Job Description
We are seeking a highly experienced Compliance / Security Engineer to lead Authorization to Operate (ATO) and Interim Authority to Test (IATT) workstreams within a high-security Department of War (DoW) program environment. This dedicated role is embedded directly with the program team and requires an expert-level practitioner capable of translating DoW and Defense Information Systems Agency (DISA) mandates (NIST RMF, NIST SP 800-53 controls, DISA STIGs) into engineering roadmaps. The ideal candidate brings deep practical experience operationalizing security frameworks in deployed, classified environments.
• Lead end-to-end ATO and IATT workstreams, coordinating with government stakeholders, ISSOs, and program leadership to ensure timely authorization milestones.
• Operationalize DISA STIGs across system components; develop and maintain STIG checklists, deviation requests, and risk acceptance documentation.
• Map security controls to deployment architectures, ensuring continuous compliance alignment with the NIST RMF steps (Categorize, Select, Implement, Assess, Authorize, Monitor).
• Design and support Cross-Domain Solutions (CDS) implementations; liaise with accreditation authorities for cross-domain data transfer approvals.
• Develop, review, and maintain System Security Plans (SSP), Security Assessment Reports (SAR), Plans of Action & Milestones (POA&M), and related RMF artifacts.
• Conduct continuous monitoring activities and coordinate vulnerability remediation with engineering teams.
• Interface directly with DISA and other DoW oversight bodies throughout the authorization lifecycle.
REQUIRED:
• Active TS/SCI clearance (no exceptions).
• 5+ years of hands-on experience leading ATO/IATT workstreams in DoW or IC environments.
• Expert-level knowledge of NIST Risk Management Framework (RMF) and related publications.
• Demonstrated experience operationalizing DISA STIGs across Linux, Windows, and network infrastructure.
• Working knowledge of Cross-Domain Solutions (CDS) architecture, accreditation, and operational requirements.
NICE TO HAVE:
• Proficiency with eMASS or equivalent DoD authorization tools.
• CISSP, CAP (Certified Authorization Professional, since renamed CGRC by ISC2), or equivalent DoD 8570/8140 IAM Level III certification.
• Experience supporting DISA programs or working within the DISA RMF process directly.
• Familiarity with cloud-based deployment environments (AWS GovCloud, Azure Government) and associated security frameworks.
• Experience with zero-trust architecture concepts and implementation in classified environments.
Compensation: 200k to 220k
Benefits
At Aperio Global, we understand the value of investing in our most important asset: our employees. That's why we have crafted a comprehensive benefits package designed to help you make the best decision for yourself, your family, and your lifestyle. For additional details, contact our talent acquisition team.
• Health Care Plan (Medical, Dental & Vision)
• Retirement Plan (401k, IRA) with 100% employer match up to 6%
• Life Insurance (Basic, Voluntary & AD&D)
• Paid Time Off (Vacation, Sick & Public Holidays)
• Short Term & Long Term Disability
• Professional Development
• (and much more)