Cybersecurity Lead

Simplesense helps those who help others. Emergency operators and first responders rely on a complex mix of legacy and modern information systems to coordinate actions during emergency incidents. However, these systems do not always interoperate well with one another, resulting in lower operational efficiency, poorer situational awareness, and slower response times. In emergency situations, response times can often be the difference between life and death. Simplesense integrates data and technologies to help operators and responders get the information they need to react faster in emergency incidents.

Simplesense is the prime contractor on the Air Force's Installation Resilience Operations Center (IROC) contract and is hiring to fill immediate needs to support the deployment of advanced technology to connect and secure civil engineering technologies for greater base awareness capabilities.

A Simplesense cybersecurity lead is a subject matter expert (SME) responsible for developing and managing the DoD process for continuous authority to operate (ATO) of Simplesense deployments to the government, as well as by leveraging best commercial practices.

Tasks

• Provide cybersecurity expertise to company leadership, engineers and clients.
• Assist with the development and maintenance of all necessary cybersecurity documents for achieving a continuous ATO on geographically dispersed hardware and software.
• Manage DoD ATO process for Simplesense systems, leading meetings with government assessment teams to determine priorities of cybersecurity controls
• Support development and analysis of Assessment & Authorization (A&A) and Life Cycle Management documentation of systems and/or networks.
• Provide coordination, tracking, and management through all aspects of the initial and recurring A&A process for both Simplesense assets and clients as required
• Recommend cybersecurity courses of action and implement where and when necessary for both government and commercial businesses
• Act as Information System Security Officer (ISSO) for Simplesense enterprise and government projects

Requirements

Required:

• Demonstrated knowledge as an information assurance/cybersecurity SME concerning C&A/A&A activities and all associated IA policies and procedures.
• Supported Information Assurance (IA) or A&A efforts for DoD systems
• Department of Defense (DoD) Risk Management Framework (RMF)
• Using the RMF to support the A&A process, including analyzing the development of supporting policies, procedures, and plans, designing and implementing security controls, testing and validating security controls, and analyzing and tracking corrective action plans.
• Providing technical guidance in the development and revision of customer information security policies
• Continuous monitoring and Plans of Action and Milestones (POA&M) management.
• A&A on hardware and software operating in geographically dispersed locations.
• Assessing systems deployed in Cloud Environments.
• Ability to receive CAC card and NIPR account for eMASS access

Desired:

• Cybersecurity experience with operational sensor technology (IoT, facility-related control systems, HVAC systems) or SCADA systems.
• Leveraging tools, including ACAS, CMRS, and eMASS preferred.
• Assessing organizational risks and recommending mitigation strategies.
• Knowledge of NIST 800 series publications.
• Familiarity with Google Workspace (Docs, Slides, Sheets).
• Exposure and knowledge of emergency services data (911, regional emergency response systems).
• Securing AWS and AWS GovCloud, particularly with IAM.
• Integrating security tooling into DevSecOps pipelines to maintain a continuous authority to operate.
• Managing external interfaces to subcontractors and vendors to ensure compliance with overall security framework
• Small company experience

Education and Certifications

Required:

• Bachelor’s degree in computer science, information technology, engineering, or related cybersecurity discipline
• 7+ years of experience with certification and DoD accreditation (C&A) or A&A
• Must be a US citizen with ability to received DoD CAC card and NIPR account

Desired:

• Advanced certification in cybersecurity such as CISSP, CISA, Security+
• Advanced degree in cybersecurity
• Active Secret clearance

Benefits

• $140,000 to $160,000 base salary depending on experience
• Healthcare
• Dental
• Vision
• 401(k)
• Stock options