Principal IA-RMF Engineer

Job Locations US-MD-Columbia | US-CA-San Diego
ID
2021-1094
Category
Cyber Security
Position Type
Regular Full-Time
Clearance Level
TS/SCI

Overview

BigBear.ai is seeking a Principal Information Assurance (IA) / Risk Mitigation Framework (RMF) Engineer to lead the shaping of requirements for the largest and most challenging aspects of system security, guide and significantly contribute to solving the hard problems of those solutions, support customer and capture engagements to demonstrate our differentiation, and mentor technologists across the company. The successful candidate will have supported multiple accreditation efforts within the US Defense and Intelligence Communities of software systems for which they engineered the identity, authorization, and access management and network security, especially for cloud production environments using containers.

The Principal IA/RMF Engineer will have broad exposure to multiple programs and projects across BigBear.ai coupled with the ability to directly influence design and implementation. They will discern and champion the best practices for security technologies, policies, and practices, ensuring that “the BigBear way” is consistent, pushes the envelope of what is possible, and differentiated. You will educate our clients and staff to help them understand what we can achieve, then take a leading hands-on role solving the hardest problems and shepherding the process of getting projects started following your designs. Our Principals will stay connected to emerging methods and technologies and support related experimentation and adoption, driving the future evolution of BigBear.ai.

In joining the Product and Technology Team, you will work in close partnership with AI/ML engineers, developers, data scientists, and BigBear.ai leadership throughout the process, and play a key role in the development and implementation of the product vision, strategy, and execution. The ideal candidate will have a growth mindset and a creative and collaborative approach with customer satisfaction top of mind.  You will be self-driven and fueled by your passion for building and delivering amazing products to market.

This is an ideal opportunity to be part of one of the fastest growing AI/ML companies in the industry. At BigBear.ai, we're in this business together. We own it, we make it thrive, and we enjoy the challenges of our work. We know that our employees play the largest role in our continual success. That is why we foster an environment of growth and development, with an emphasis on opportunity, recognition, and work-life balance. We give the same high level of commitment to our employees that we give to our clients. If BigBear.ai sounds like the place where you want to be, we'd enjoy speaking with you. 

What you will do

  • Perform the most senior design and development tasks for IA/RMF on projects
  • Support solution development and writing of technical proposals
  • Ensuring that projects and information systems adopt and institute DoD and NIST standards and methodologies
  • Draft organizational security categorization guidance and procedures to allow consistent security categorization across systems
  • Assist in drafting Project IT Risk Management strategy, guidance and procedures
  • Analyze and develop system security plans for existing and new systems
  • Create and evolve project Continuous Monitoring (CM) Program, strategy and guidance
  • Provide guidance and recommendations for continuous monitoring technologies, leveraging current available technologies and recommending solutions to address gaps
  • Successfully select and integrate security technologies to meet solution requirements and client mandates
  • Act as a visionary trusted customer liaison and “product manager” in our most complicated accounts
  • Provide ongoing advice to projects around technical solutions, best practices, and efficiencies
  • Maintain awareness and expertise of the latest security, cloud, and infrastructure technologies in order to proactively support the adoption of truly beneficial new capabilities
  • Maintain awareness and expertise of the latest government accreditation policies and procedures for Defense and Intelligence Community
  • Mentor staff as assigned
  • Work with product development teams to ensure customer functional requirements are fully considered, best practices and differentiated learnings are shared, and a single Bigbear.ai identity is supported.

What you need to have

  • Minimum of 10 years of experience in software development or application engineering
  • Expertise with entire RMF process, including using RMF tools (such as Telos Xacta) and government portals (like eMASS) to process and update A&A, Assess Only and POA&M packages
  • Knowledge of the National Institute of Standards and Technology (NIST) RMF Special Publications and the IA field's concepts, practices, and procedures, especially those applicable to Defense and Intelligence systems (like DoDI 8500.01 and 8510.01) to ensure the secure integration and operation of all enclave systems (NIPR, SIPR, etc.)
  • Experience with DoD security hardening, collection, and assessment tools (STIGS, ACAS SCAP, Nessus, OWASP, etc.) and experience with security architectures, firewalls, and network access
  • Experience setting up and integrating identity and authorization directory services (like SailPoint) and a variety of software platforms with single-sign-on (SSO) solutions (like Okta)
  • Experience integrating US Defense and Intelligence PKI infrastructure and enterprise access management services with software systems
  • Experience with network routing and VPN tunneling and other network encryption mechanisms
  • Experience with security operations including management of intrusion protection systems (IPS), alerting on and tracing behaviors through traffic inspection and log aggregation tools (like Splunk, Kibana, or Grafana), setting up log forwarders and parsers, and configuration networks to prevent DDOS and other exploits
  • Experience providing cross-domain data transfer services
  • Knowledgeable of zero-trust cloud policies and procedures and their application to ephemeral, serverless processing fabrics
  • Ability to write and communicate at a level appropriate for a senior executive
  • Experience working for a federal defense contractor
  • Ability to obtain and maintain a TS/SCI clearance

What we'd like you to have

  • Degree in a technical field
  • Active TS clearance with SCI
  • Relationships with government CISOs or other security staff
  • Experience with homomorphic encryption
  • AWS, Google Cloud, or Microsoft Azure certifications

About BigBear.ai

BigBear.ai is a new leader in decision dominance serving the national defense and intelligence communities. The Company delivers high-end capabilities across the data and digital spectrum to deliver information superiority and decision support. BigBear.ai provides a comprehensive suite of solutions including artificial intelligence and machine learning, data science, advanced analytics, offensive and defensive cyber, data management, cloud solutions, digital engineering, and systems integration. BigBear.ai’s customers, including the U.S. Intelligence Community, Department of Defense, and U.S. Federal Government, rely on its advanced technology solutions to analyze information, manage risk, and solve complex problems, leading to better decision making. Headquartered in Columbia, Maryland, BigBear.ai has additional locations in Virginia, Massachusetts, and California. 


BigBear.ai is an Equal Opportunity/Veterans/Disabled Employer. 

Options

Sorry the Share function is not working properly at this moment. Please refresh the page and try again later.
Share on your newsfeed