Information Assurance Engineer

We are seeking an Information Assurance Engineer to harden, automate, and sustain the security posture of Linux-based systems operating in a regulated federal environment. This is a hands-on engineering role: you will write the automation that applies and validates security baselines, produce the compliance artifacts that satisfy formal assessment, and help carry systems through the authorization lifecycle from initial hardening to a sustained Authority to Operate (ATO).

You will work at the intersection of systems engineering, security, and compliance — translating control requirements into working configuration and translating system state back into assessor-ready evidence.

Responsibilities:

• Apply, automate, and maintain DISA STIG hardening across RHEL / Rocky systems, using an idempotent, auditable approach with versioned backups.
• Develop and maintain Python and Bash automation for remediation, configuration validation, and compliance reporting.
• Run and interpret SCAP / SCC and ACAS (Tenable / Nessus) scans; produce clean, assessor-ready artifacts (e.g., ARF / XCCDF results, checklists) for formal review.
• Build, containerize, and harden workloads with Docker; resolve container-related compliance findings (unowned files, user namespace, network exposure).
• Manage configuration baselines and enforce desired state using a configuration management tools.
• Develop and maintain system boundary / authorization boundary diagrams, data flow diagrams, and supporting System Security Plan (SSP) artifacts.
• Support the RMF lifecycle: control implementation and testing, POA&M creation and management, eMASS package development, and ATO sustainment.
• Apply networking and network-security fundamentals: ports / protocols / services management, host and network firewalls, segmentation, and secure service configuration.
• Support secure software practices, including C++ build, configuration, and code-review support as needed.
• Document remediation rationale and maintain technical consistency across the automation codebase.

Requirements:

• Active Secret clearance, with the ability to obtain a TS/SCI.
• 8+ years of experience in information assurance, cybersecurity, or Linux systems administration.
• Hands-on Linux administration and hardening, ideally on the RHEL family (RHEL / Rocky).
• Proficiency in Python for automation and tooling.
• Working knowledge of C++.
• Experience with Docker / containerization.
• Experience with a configuration management tools.
• Solid networking fundamentals (TCP/IP, routing, firewalls, common ports / protocols).
• Familiarity with system boundary diagrams and RMF / SSP documentation.

Preferred Skills:

• Direct experience with DISA STIGs, SCAP Security Guide (SSG) / OpenSCAP, and SCC (SCAP Compliance Checker).
• Experience with eMASS, POA&Ms, and the full RMF authorization (ATO) process.
• Familiarity with RHEL security subsystems: FIPS / crypto-policies, authselect / PAM, faillock, fapolicyd, SELinux.
• Experience building compliance-as-code / CI/CD pipelines for automated remediation and validation.

Benefits:

• Medical insurance
• Dental insurance
• Vision insurance
• Short Term and Long Term Disability insurance
• Life Insurance
• Profit Sharing Plan (PSP) - 25% of salary on top of base salary
• 401k
• Flexible PTO and Holidays
• Tuition Reimbursement
• Professional Development and Mentorship provided