Security Engineer, Federal Assurance

Job Description

Scale is seeking a Security Engineer to join their team in Washington, DC. This role focuses on supporting Assessment and Authorization and agency audit activities for Scale’s products offered in the US Government and global Public Sector space. The Security Engineer will collaborate with internal teams at Scale and externally with customers, working on operational issues at the leading edge of machine learning technology.

The role involves:

• Leading public sector security compliance projects and audits (FedRAMP HIGH, DoD Cloud Computing SRG IL4/IL5/IL6, NIST 800-53 rev 5, NIST 800-171/CMMC, Risk Management Framework)
• Collaborating with product, engineering, security, operations, people operations, and legal to implement new technical, administrative, and operational controls
• Working with 3PAOs and federal government AOs to achieve compliance certifications and reports
• Ensuring the implementation, oversight, monitoring, and maintenance of security configurations, practices, and procedures
• Serving as a liaison between system owners and other security personnel
• Developing, maintaining, reviewing, and updating system security documentation
• Conducting vulnerability scans and developing Plan of Action and Milestones (POAMs)
• Leading Risk Management Assessment and Authorization (A&A) processes
• Performing Cloud system risk assessments, enhancing process workflows, and developing new processes
• Implementing Security Technical Implementation Guides (STIGs)
• Leading security compliance reviews for new products, changes, and features
• Developing and providing training to improve security awareness

Requirements:

• Active US Top Secret security clearance with minimum IAT Level 2 certification (Security +, CASP, or similar)
• 5+ years of security compliance or technology audit related experience
• Experience implementing and maintaining frameworks and standards like FedRAMP, DoD Cloud Computing SRG, NIST 800-171, NIST 800-53, CMMC, NIST 800-53
• STIG/RMF policy knowledge & implementation
• Experience in project management
• Understanding of cybersecurity controls for cloud service providers
• Knowledge of AWS and other government authorized cloud services

Scale offers:

• Comprehensive health, dental and vision coverage
• Retirement benefits
• A learning and development stipend
• Generous PTO