About the company: **
At VivSoft, we aim to solve complex federal problems using emerging and open technologies in a collaborative and rewarding environment. VivSoft is a diverse team of strategists, engineers, designers, and creators experienced in building high-performance, effective software, with a focus on impactful organisational design and software delivery dynamics. We build secure Software Factories based on DoD reference designs and NIST Frameworks for Cloud and DevSecOps. These factories deliver AI/ML Applications, Data Science Platforms, Blockchain and Microservices for DoD, Healthcare and Civilian Agencies
Job Summary:
The Cybersecurity Engineer independently designs, implements, and manages security solutions for government information systems, applying deep security engineering expertise to protect federal networks, applications, and data. For this project, they owns the ARES Authority to Operate workstream and are responsible for implementing, documenting, and continuously monitoring the NIST SP 800 security control set for the production capability. This is a hands-on engineering role, requiring the ability to work with developers to configure platform encryption, govern the ICAM federation, author the System Security Plan, and maintain the POA&M throughout the period of performance.
Key Responsibilities:
Manage overall platform security to meet/exceed stakeholder cybersecurity expectations
Design and implement security architectures, controls, and technologies for government systems
Lead vulnerability assessment, penetration testing support, and security engineering reviews
Develop and maintain security documentation (SSPs, POA&Ms, etc.) for ATO packages
Support Risk Management Framework (RMF) implementation and continuous monitoring programs
Implement Zero Trust, identity management, and endpoint security solutions