Nist SP 800-53 Rev 5 Jobs

This senior-level Cybersecurity Engineer role supports an enterprise program management office dedicated to securing global communications networks for national defense. The position involves implementing security solutions compliant with DoD, NIST, and RMF directives while managing the Authority to Operate process using eMASS. Key responsibilities include leading vulnerability remediation efforts, developing Plan of Action and Milestones, and mentoring junior team members in a client-facing environment. The role appeals to professionals seeking to protect critical infrastructure with a mission-driven culture that values collaboration and professional growth. While the work arrangement is flexible with remote options, the position requires a Top Secret clearance and may involve occasional on-site collaboration at client facilities.

The Information Systems Security Officer role serves as a dual technical architect and compliance steward within the OIM department, bridging cybersecurity architecture with federal governance. Key responsibilities include designing secure-by-design systems, managing the Assessment and Authorization process, and overseeing continuous monitoring of security controls across diverse information systems. The position requires leading risk assessments, maintaining Plans of Action and Milestones, and ensuring strict adherence to NIST and DOE federal mandates. This opportunity appeals to professionals seeking to shape enterprise security strategy while working in a collaborative environment that values resilience and mission-critical protection. The role involves close collaboration with cross-functional teams and offers the chance to influence security culture through training and policy development.

The Associate Director, Research Security role at the University of Pennsylvania leads the institution's program for managing federal research data security compliance within a complex academic environment. Key responsibilities include developing risk-based security policies, ensuring adherence to standards such as CMMC and NIST SP 800-171, and coordinating institution-wide initiatives to protect sensitive research data. The position involves auditing system inventories, managing incident response, and serving as a subject matter expert for contract negotiators and research teams. This opportunity appeals to professionals seeking to work at a world-renowned Ivy League university with a collaborative culture, offering access to extensive professional development, comprehensive benefits, and a dynamic urban campus in Philadelphia.

The Cyber Security Analyst II role supports the Naval Information Warfare Center in Oahu, Hawaii, focusing on the FORGE additive manufacturing facility at Schofield Barracks. Key responsibilities include developing Risk Management Framework packages, maintaining Authorization and Accreditation documentation, and implementing security controls aligned with NIST standards. The position involves assessing vulnerabilities using tools like ACAS and Nessus, managing POA&Ms, and creating system authorization boundary diagrams. This opportunity appeals to professionals seeking to work within a high-impact Department of War Joint environment while collaborating with diverse internal and external stakeholders. The role requires an active Secret security clearance and offers a chance to contribute to critical national security infrastructure.

This full-time Cybersecurity A&A Engineer role supports the Command and Control, Battle Management and Communications team at Lockheed Martin, focusing on the Missile Defense System. The position involves analyzing system scans for continuous authorization, conducting risk assessments for acceptance requests, and collaborating with stakeholders to address vulnerabilities and improve cybersecurity workflows. The role offers a collaborative environment within an agile team, opportunities to interface with key government customers, and a supportive culture that values employee well-being. Located in Colorado Springs, the job requires onsite work with approximately 10% travel and features a flexible condensed work schedule.

The Information Systems Security Officer role is based onsite at the Quonset Point, Rhode Island facility and supports the C-130J Maintenance and Aircrew Training System cybersecurity team. The position involves developing and maintaining security plans for classified Windows and Linux environments, managing system accreditation under the Risk Management Framework, and conducting vulnerability assessments using tools like ACAS and Nessus. Key responsibilities include performing routine security scans, applying patches, maintaining Plan of Action and Milestones, and investigating security incidents. This opportunity appeals to professionals seeking to work with a pioneering cyber security organization that values innovation and integrity. The role offers a collaborative culture with flexible work schedules, comprehensive benefits, and the chance to solve complex engineering challenges while supporting national security missions.

This full-time Information Systems Security Officer role is based onsite at the Quonset Point, Rhode Island facility within Lockheed Martin's Rotary and Mission Systems division. The position supports classified cybersecurity operations for the C-130J Maintenance and Aircrew Training System. Key responsibilities include managing system accreditation under the Risk Management Framework, developing security plans, conducting vulnerability scans, and maintaining compliance with NIST and DoD directives. The role appeals to professionals seeking to work on complex engineering challenges within a culture that values innovation, integrity, and purposeful mission work. Employees benefit from flexible work schedules, comprehensive health and wellness benefits, and opportunities for professional growth in a collaborative environment.

The Cyber Information Assurance Analyst III role supports federal government clients by validating security requirements and assessing systems within complex networking environments. Key responsibilities include conducting cybersecurity audits, performing vulnerability assessments using tools like eMASS and Nessus, and analyzing security gaps to provide mitigation recommendations. The position requires travel approximately 85% of the time across domestic and international locations. This opportunity appeals to professionals seeking to work with a diverse holding company that supports economic development for the Chickasaw Nation. The role offers immediate eligibility for premium benefits including medical, dental, vision, and 401(k) with immediate vesting, alongside professional development assistance and a collaborative culture focused on national security.

This senior principal cyber software engineering role supports the Sentinel program within Northrop Grumman Defense Systems, located in Huntsville, Colorado Springs, or Roy. The position requires an active Secret clearance and involves leading design review procedures, decomposing requirements for implementation, and providing systems engineering expertise for enterprise-level cybersecurity systems. Key duties include evaluating designs against Department of Defense standards, utilizing model-based engineering tools, and ensuring compliance with industry regulations. The role appeals to candidates seeking to work on revolutionary defense technologies that impact global security. It offers a collaborative culture that values intellectual curiosity and innovation, with opportunities for professional growth and a work arrangement that includes approximately 10% travel.

The Information Systems Security Officer role within Space Dynamics Laboratory's C4ISR Division supports mission-critical defense and intelligence programs. The position focuses on ensuring system compliance with NIST 800-53 and RMF frameworks while managing the Authorization to Operate process. Key responsibilities include developing security documentation, conducting vulnerability assessments, and coordinating remediation efforts with technical teams. This opportunity appeals to professionals seeking to contribute to national security through innovative satellite and sensor technologies. The role offers a collaborative culture that values empowerment and accountability, with a work arrangement that supports a fast-paced, team-oriented environment.

This Principal Product Security Engineer role supports the newly formed Product Security team within Johnson & Johnson's medical device division, focusing on integrating security by design into the product lifecycle. The position requires collaboration with engineering groups to establish and refine security processes, serve as a subject matter expert on cyber risks, and manage pre-market and post-market compliance activities including threat modeling and vulnerability management. The role appeals to candidates seeking to directly impact patient safety while working in a collaborative, patient-first culture. The position is based in Danvers, Massachusetts or Raritan, New Jersey, with a hybrid work arrangement requiring office presence at least three days per week.

The Security Assessor role at TLA focuses on evaluating the effectiveness of security controls within information systems to ensure data protection and regulatory compliance. Key responsibilities include conducting comprehensive security assessments, identifying vulnerabilities through scanning and testing, and collaborating with IT teams to validate remediation strategies. The position requires preparing detailed documentation and ensuring adherence to frameworks such as NIST and ISO 27001. This opportunity is appealing for professionals passionate about national security missions, offering a collaborative culture that values innovation and excellence. The company supports career growth through education reimbursement, certification opportunities, and professional development. The role is based on-site with a focus on delivering impactful outcomes for government customers.

This Principal Product Security Engineer role supports the newly formed Product Security team within Johnson & Johnson's medical device division. The position focuses on embedding security by design throughout the product lifecycle, from pre-market development to post-market vulnerability management. Key responsibilities include partnering with engineering teams to enforce security policies, creating and improving security processes, and generating critical documentation such as threat models and risk management plans. The role also involves guiding compliance certification activities and advising on balancing business needs with medical device security objectives. This opportunity appeals to candidates seeking to directly impact patient lives within a Patient First culture. The position is based in Danvers, MA or Raritan, NJ, with a hybrid work arrangement requiring office presence at least three days per week.

This Principal Product Security Engineer role supports the newly formed Product Security team within Johnson & Johnson's medical device division. The position focuses on embedding security by design throughout the product lifecycle, from pre-market development to post-market vulnerability management. Key responsibilities include partnering with engineering teams to enforce security policies, creating and improving security processes, and delivering critical documentation such as threat models and risk management plans for regulatory compliance. The role appeals to candidates seeking to directly impact patient lives by shaping industry standards in a collaborative, patient-first culture. While the position is primarily based in Danvers, MA or Raritan, NJ with a requirement to be in-office at least three days per week, remote work options may be considered on a case-by-case basis.

This Principal Product Security Engineer role supports the newly formed Product Security team within Johnson & Johnson's medical device division. The position focuses on embedding security by design throughout the product lifecycle, from pre-market development to post-market vulnerability management. Key responsibilities include partnering with engineering teams to enforce security policies, creating and improving security processes, and delivering critical documentation such as threat models and risk management plans. The role also involves guiding compliance certification activities and advising development teams on balancing business needs with medical device security objectives. This opportunity appeals to candidates seeking to directly impact patient lives within a collaborative, patient-first culture. The position is based in Danvers, MA or Raritan, NJ, with a hybrid work arrangement requiring office presence at least three days per week.

This Principal Product Security Engineer role supports the newly formed Product Security team within Johnson & Johnson's medical device division. The position focuses on embedding security by design throughout the product lifecycle, from pre-market development to post-market vulnerability management. Key responsibilities include partnering with engineering teams to enforce security policies, creating and improving security processes, and delivering critical documentation such as threat models and risk management plans. The role appeals to candidates seeking to directly impact patient lives by shaping industry standards and ensuring compliance with rigorous regulatory frameworks like FDA, ISO 27001, and SOC2. The position is based in Danvers, MA, or Raritan, NJ, with a hybrid work arrangement requiring office presence three days per week, offering a collaborative environment within a Patient First culture.

This Principal Product Security Engineer role supports the newly formed Product Security team within Johnson & Johnson's medical device division, focusing on integrating security by design into the product lifecycle. The position requires partnering with engineering groups to enforce security policies, develop risk management documentation, and guide teams through pre-market and post-market compliance activities. Key responsibilities include creating security processes, acting as a subject matter expert on cyber threats, and supporting certifications such as SOC2 and ISO 27001. The role is based in Danvers, MA, with a hybrid schedule requiring three days in the office, though remote options may be considered. The position appeals to candidates seeking to impact patient safety directly within a collaborative, patient-first culture while shaping industry standards for medical device security.

This Principal Product Security Engineer role is part of the Technology Enterprise Strategy & Security team within Johnson & Johnson's medical device division. The position focuses on embedding security by design into the product development lifecycle, partnering with engineering groups to ensure adherence to security policies and regulatory standards. Key responsibilities include creating and improving security processes, acting as a subject matter expert on cyber security matters, and delivering critical documentation for pre-market activities and compliance certifications such as SOC2 and ISO 27001. The role appeals to candidates seeking to directly impact patient lives through innovative security solutions in a regulated environment. The position is based in Danvers, MA, with a hybrid work arrangement requiring office presence three days per week, though remote options may be considered on a case-by-case basis.

This Principal Product Security Engineer role supports the newly formed Product Security team within Johnson & Johnson's medical device division. The position focuses on embedding security by design throughout the product lifecycle, from pre-market development to post-market vulnerability management. Key responsibilities include partnering with engineering teams to enforce security policies, creating and improving security processes, and delivering critical documentation such as threat models and risk management plans. The role also involves guiding compliance certification activities and advising development teams on balancing business needs with medical device security objectives. This opportunity appeals to candidates seeking to directly impact patient lives within a Patient First culture. The position is based in Danvers, MA, with a hybrid work arrangement requiring office presence three days per week, though remote options may be considered case-by-case.

This Principal Product Security Engineer role resides within the Technology Enterprise Strategy & Security team at Johnson & Johnson, focusing on securing medical device products. The position involves partnering with engineering groups to embed security by design throughout the product lifecycle, from pre-market development to post-market vulnerability management. Key responsibilities include creating and refining security processes, acting as a subject matter expert on cyber threats, and delivering critical documentation for regulatory compliance such as SOC2 and ISO 27001. The opportunity is appealing for its chance to directly impact patient safety while shaping industry standards in a Patient First culture. The role is based in Danvers, MA or Raritan, NJ, with a hybrid work arrangement requiring office presence three days per week.

This Principal Product Security Engineer role supports the newly formed Product Security team within Johnson & Johnson's medical device division. The position focuses on embedding security by design throughout the product lifecycle, from pre-market development to post-market vulnerability management. Key responsibilities include partnering with engineering teams to enforce security policies, creating and improving security processes, and delivering critical documentation such as threat models and risk management plans. The role appeals to candidates seeking to directly impact patient lives by shaping industry standards and ensuring compliance with rigorous frameworks like ISO 27001 and FDA regulations. The position is based in Danvers, MA or Raritan, NJ, with a hybrid work arrangement requiring office presence three days per week, offering a collaborative environment within a Patient First culture.

This full-time Information System Security Engineer role supports the Crane Naval Base in Indiana within a government-focused technology team. The position involves designing and implementing secure network architectures, managing Risk Management Framework activities, and developing technical security documentation such as risk assessments and cybersecurity strategies. The role requires independent execution of certification and testing processes in compliance with NIST and DoD standards. The position is appealing due to the company's strong investment in employee growth through training, certification support, and tuition assistance. It offers a collaborative small-company culture with Monday through Friday day shifts, paid relocation assistance, and comprehensive benefits including healthcare and retirement plans.

This full-time Cyber Security Engineer role supports mission-critical national security and defense programs within the Technology and Consulting Services team at Maximus. The position requires an active TS/SCI clearance and is based onsite five days a week in San Antonio, Texas. Key responsibilities include implementing cybersecurity controls for JCC2 systems, conducting risk assessments and vulnerability scans, responding to security incidents, and ensuring compliance with DoD policies and RMF standards. The role appeals to professionals seeking high-impact work in a fast-paced environment where they can contribute to meaningful government missions. Candidates will collaborate with engineering teams to improve system security posture and participate in Agile planning activities. The position offers the opportunity to work with advanced security technologies and supports career growth through exposure to classified systems and DoD DevSecOps environments.

The Director of Information Security leads the Information Technology Compliance Department within a banking institution, overseeing enterprise-wide cybersecurity, third-party vendor risk, and incident response strategies. Key responsibilities include managing regulatory compliance with frameworks like NIST CSF 2.0 and GLBA, developing and testing incident response playbooks, and directing artificial intelligence security policies. The role involves mentoring staff, presenting risk assessments to the Board of Directors, and maintaining relationships with external regulatory agencies. This position offers a dynamic environment for a seasoned leader to shape the bank's security posture while enjoying a hybrid work arrangement that balances office collaboration with remote flexibility.

This full-time Cyber Security Engineer role supports mission-critical national security and defense programs for Maximus in San Antonio, Texas. The position requires an active TS/SCI clearance and involves implementing cybersecurity controls, conducting risk assessments, and responding to security incidents within DoD environments. Key responsibilities include performing vulnerability scans, ensuring compliance with RMF and NIST standards, and collaborating with engineering teams to maintain system security. The role appeals to professionals seeking high-impact work in a fast-paced government setting with a focus on accountability and results. Candidates must be available to work onsite five days a week and possess five years of experience with DoD frameworks and security technologies.