We're looking for a cybersecurity engineer to support a large Navy readiness reporting program. The work is a mix of RMF and ATO sustainment, vulnerability management, and day-to-day cybersecurity engineering across an interconnected set of applications. You'll spend time in eMASS, in scan results, and in conversation with developers, sysadmins, and a small cyber team - not in isolation. If you like the operational side of cybersecurity - keeping systems accredited, closing real findings, and writing things down so they make sense to the next person - this is that role.

Responsibilities include:

Primary Responsibilities:

• Maintain RMF accreditation packages in eMASS: security plans, control evidence, test results, and POA&Ms.
• Triage and disposition IAVAs and other cybersecurity directives. Track remediation to closure.
• Support ATO submissions and ongoing continuous-monitoring work as systems and their environments change.
• Apply STIGs. Run vulnerability scans. Recommend and implement fixes that actually close findings, not just hide them.
• Document what you do. Other people need to be able to pick it up and keep going.

Additional duties and Responsibilities of the Cybersecurity Lead Engineer include, but are not limited to the following:

• Keep your skills current. The DoD cyber landscape doesn't sit still and neither should you.
• Communicate findings and risk clearly - in writing and out loud.
• Help build the team's reusable patterns and procedures. Make the next ticket easier than the last one.
• Own your work. Escalate real problems early; don't let them age.

Here's what you need:

• 5+ years in cybersecurity engineering, with 3+ years specialized in network security (firewalls, IPS, access controls, cross-domain solutions).
• 3+ years implementing RMF for DoD systems.
• Hands-on eMASS experience. Comfortable in scanners (ACAS/Nessus or equivalent), STIG application, and POA&M management.
• Experience triaging and dispositioning IAVAs and other cybersecurity directives.
• IAM Level II Information Assurance Certification (per DoDI 8570.01-M and SECNAV M-5239.2), or equivalent under DoDM 8140.03 at Basic or Intermediate proficiency.

Bonus Points If You Have:

• CISSP, CISM, CySA+, GSEC, or similar; Qualified Navy Validator designation; prior work on Navy or DoD systems; cloud security experience.

Security Clearance:

• DoD Secret Clearance

Education:

• Bachelor's degree in computer science, cybersecurity, engineering, or a related technical field. Master's a plus. Additional relevant experience can substitute for the degree.

Work Schedule:

• M-F, 8 hours

Compensation and Benefits:
Cydecor offers a comprehensive compensation package including Health and Dental Insurance, Vision and Life Insurance, Short-Term & Long-Term Disability, 401(K) + company match, Paid Time Off (PTO), Paid Company Holidays, Tuition and Professional Development Assistance and more.

Key Words: Cybersecurity Engineer, Cyber Security Engineer, Information Assurance Engineer, Information System Security Engineer, ISSE, Cybersecurity Specialist, Cyber Engineer, RMF Engineer, RMF Analyst, Cybersecurity Analyst, Security Engineer, Security Compliance Engineer, Security Controls Assessor, Information Assurance, IA, Information Security, Cyber Defense, Cyber Operations, Risk Management Framework, RMF, Authorization to Operate, ATO, Continuous Monitoring, ConMon, eMASS, Enterprise Mission Assurance Support Service, Security Authorization, NIST RMF, NIST 800-53, Security Controls, Security Assessment, Security Documentation, Security Plans, SSP, Plan of Action and Milestones, POA&M, Vulnerability Management, Vulnerability Assessment, Vulnerability Remediation, Vulnerability Scanning, ACAS, Nessus, Security Technical Implementation Guides, STIG, STIG Compliance, Security Compliance, Configuration Management, IAVA, Information Assurance Vulnerability Alerts, Cybersecurity Directives, Patch Management, System Hardening, Network Security, Firewall Management, Intrusion Prevention Systems, IPS, Access Controls, Cross Domain Solutions, CDS, Security Engineering, Systems Security Engineering, Enterprise Security, Application Security, Infrastructure Security, Secure System Design, Secure Configuration Management, Security Operations, Incident Response, Risk Assessment, Risk Management, Threat Mitigation, Continuous Authorization, ATO Sustainment, Accreditation Management, Cybersecurity Governance, Security Architecture, DevSecOps, Cloud Security, AWS Security, Azure Security, Navy Cybersecurity, Department of the Navy, U.S. Navy, Department of Defense, DoD, Federal Government, Government Contractor, GovCon, National Security, Cleared Jobs, Secret Clearance, DoD Secret Clearance, DoD 8570, DoDM 8140, IAM Level II, Cyber Workforce, Security Controls Implementation, Technical Documentation, Technical Writing, Process Improvement, Cross-Functional Collaboration, Systems Administration, Enterprise Applications, Mission Systems, Hybrid Environment