Your First True Believers


ATO Cybersecurity Engineer

Applied Intuition

Washington, DC, USA
Posted on Thursday, May 18, 2023

About Applied

Autonomy is one of the leading technological advances of this century that will come to impact our lives. The work you’ll do at Applied will meaningfully accelerate the efforts of the top autonomy teams in the world. At Applied, you will have a unique perspective on the development of cutting-edge technology while working with major players across the industry and the globe.

Applied Intuition provides software solutions to safely develop, test, and deploy autonomous vehicles at scale. The company’s suite of simulation, validation, and drive log management software enables development teams to create thousands of scenarios in minutes, run simulations at scale, and verify and validate algorithms for production deployment. Headquartered in Silicon Valley with offices in Los Angeles, Detroit, Washington, D.C., Munich, Stockholm, Seoul, and Tokyo, Applied consists of software, robotics, and automotive experts with experience from top global companies. Leading autonomy programs and 17 of the top 20 global OEMs use Applied’s solutions to bring autonomy to market faster.

About the role

Applied is looking for an IT professional experienced in deploying software-as-a-service (SaaS) applications to the Department of Defense (DoD) networks to fill the role of Cybersecurity Engineer/RMF Manager in our DC office. The RMF Manager will work across the business, product, and security teams at Applied to architect, package, and deploy Applied products to classified and unclassified DoD production environments, with a goal of rapidly gaining and maintaining Authority to Operate (ATO) for high-performance computing, cloud-based development applications.
The RMF Manager’s primary role is to ensure that Applied products receive and sustain ATOs for all required government networks. This includes ensuring that Applied products comply with the Security Technical Implementation Guides published by the DoD, and that all Risk Management Framework (RMF) documentation is completed. The RMF Manager is responsible for the transmittal of the relevant NIST expertise to the engineering team, the compilation of required documentation, and the preparation of software for vulnerability scanning. The RMF Manager positions Applied’s products to best mitigate or remediate DoD-identified security vulnerabilities. The RMF Manager will report to the Head of Defense.

At Applied, you will:

  • Support product teams with Risk Management Framework (RMF) assessment and documentation
  • Provide technical support and apply expertise in ensuring software compliance with DoD and RMF standards
  • Create and validate required DoD RMF documentation and artifacts in accordance with DoD Instruction 8510.01, RMF for DoD IT, and any applicable federal or military RMF Process Guide (RPG)
  • Develop and maintain the artifacts required to obtain and maintain the Authority to Operate (ATO) for information systems
  • Perform quality assurance reviews for required content on all packages in the Assessment and Authorization (A&A) process, in accordance with the applicable ATO checklist

We're looking for someone who has:

  • 5+ years of experience working with the RMF Assessment Methodology, and extensive knowledge of the DoD Security Assessment and Authorization process
  • Current DoD 8570 Cyber Security Service Provider (CSSP)-approved certification
  • 8570.01M / IAM Level II or IASAE II
  • Advanced degree in Cybersecurity, Computer Science, Computer Engineering, Software Engineering, Systems Engineering, or related technical field of study
  • Demonstrated professional growth in cybersecurity
  • Knowledge of DoD networks and architectures, including the ICAM reference design
  • Understanding of government classified and unclassified cloud capabilities (e.g., GovCloud) and the ability to articulate their security structure
  • Understanding of and experience in the IC and DoD cybersecurity community
  • An active Top Secret Clearance

Nice to have:

  • Familiarity with DoD Zero Trust Reference Architecture
  • Familiarity with CMMC 2.0
  • Breadth of experience with security scanning and security controls required for FedRAMP, DISA STIG, ISO27001, and CSP-specific security recommendation services
  • Experience as a Facility Security Officer with DoD security requirements (FOCI mitigation, CFIUS, CUI)

The salary range for this position is $65,000 USD to $400,000 USD annually. This salary range is an estimate, and the actual salary may vary based on the Company's compensation practices.

Don’t meet every single requirement? If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.

Applicants will be required to be fully vaccinated against COVID-19 upon commencing employment. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable federal and state law. Applicants should be aware that for external-facing roles that involve close contact with Company employees or other third parties on the Company's premises, accommodations that involve remaining unvaccinated against COVID-19 may not be deemed reasonable. The Company will engage in the interactive process on an individualized basis taking into account the particular position.

Applied Intuition is an equal opportunity employer and federal contractor or subcontractor. Consequently, the parties agree that, as applicable, they will abide by the requirements of 41 CFR 60-1.4(a), 41 CFR 60-300.5(a) and 41 CFR 60-741.5(a) and that these laws are incorporated herein by reference. These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity or national origin. These regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability. The parties also agree that, as applicable, they will abide by the requirements of Executive Order 13496 (29 CFR Part 471, Appendix A to Subpart A), relating to the notice of employee rights under federal labor laws.