Jobs via Dice
Security Engineer (Platform Assurance / Compliance)
Jobs via Dice, Huntsville, Alabama, United States, 35824
Security Engineer (Platform Assurance / Compliance)
Guidehouse is seeking a Security Engineer to join our Technology / AI and Data team, supporting mission‑critical initiatives for Defense and Security clients. In this role you will ensure advanced AI‑driven platforms meet stringent federal security and compliance requirements, including FedRAMP High, RMF, and NIST standards. You will embed secure architecture patterns, validate control implementation, and maintain continuous monitoring readiness across cloud, backend, and AI/ML components. Acting as a key liaison between engineering teams and security stakeholders, you will drive risk identification and remediation, support accreditation activities, and deliver secure, resilient solutions that enable trusted decision‑making in support of national security objectives.
Job Family:
IT Cyber Security
Travel Required:
Up to 10%
Clearance Required:
Active Top Secret (TS)
What You Will Do
Serve as a core security engineer ensuring the adjudication AI platform meets applicable federal requirements including FedRAMP High, RMF, NIST 800‑53, CJIS, and FBI ATO standards.
Collaborate with cloud, DevOps, backend, and AI/ML teams to embed secure architecture patterns, validate control implementation, and maintain continuous monitoring readiness across all platform components.
Develop RMF documentation, support POA&M management, conduct vulnerability assessments, ensure secure baseline configurations, and support accreditation activities.
Act as liaison between engineering teams and ISSO/security stakeholders, ensuring risks are identified, tracked, and remediated efficiently.
Implement NIST 800‑53 and FedRAMP High controls across access management, encryption, monitoring, boundary protection, configuration management, and secure data lifecycle workflows.
Validate secure configuration of AWS GovCloud services, EKS clusters, container runtimes, VPC boundaries, IAM policies, and workload identities.
Ensure backend APIs, vector stores, retrieval services, LLM inference gateways, scoring engines, and memo‑generation modules follow compliant security standards.
Embed secure coding, least‑privilege access enforcement, input validation, and hardened model‑serving workflows across all development teams.
Develop and maintain SSPs, CIS statements, boundary diagrams, data‑flow diagrams, and continuous monitoring documentation for ATO readiness.
Assist with creation, tracking, and remediation of POA&M items, ensuring timely closure of vulnerabilities and deficiencies.
Prepare system artifacts for assessments, security testing, authorization reviews, and continuous monitoring updates.
Conduct vulnerability scans, analyze results, and coordinate remediation with engineering teams.
Support patching workflows, baseline enforcement, configuration drift detection, and container/OS hardening processes.
Validate CloudTrail, CloudWatch, GuardDuty, Config Rules, and other logging/monitoring systems for compliance with AU, SI, RA, and CM control families.
Develop dashboards and reporting for CA‑7, RA‑5, CM‑6, AU‑x, and other continuous monitoring requirements.
Integrate SAST, SCA, IaC scanning, container scanning, and dependency verification into DevSecOps workflows.
Validate Terraform/CloudFormation templates for alignment with encryption, identity, and GovCloud boundary restrictions.
Review API design, authentication flows, model inference endpoints, and data‑ingestion pipelines for security gaps or policy violations.
Support hardening of LLM workflows, retrieval processes, and document‑ingestion operations.
Work with backend, cloud, AI/ML, and data engineering teams to translate controls into engineering requirements aligned with adjudication workflows.
Provide teams with security requirements, engineering checklists, and compliance guidance to accelerate delivery while maintaining security posture.
Collaborate with adjudicators, mission SMEs, and operations teams to ensure evidence tracking, audit logging, and data‑handling workflows support mission needs.
What You Will Need
Active and maintained "TOP SECRET" Federal or DoD security clearance and obtained and maintain TS/SCI clearance.
Bachelor's Degree or four (4) additional years of experience in lieu of degree.
Five or more years of cybersecurity engineering experience, including three or more years supporting RMF, FedRAMP, CJIS, or ATO systems.
Knowledge of NIST 800‑53 controls, FedRAMP High requirements, AWS GovCloud security patterns, IAM, encryption (KMS/TLS), logging pipelines, and vulnerability scanning tools.
Experience writing ATO documentation, control statements, risk assessments, and boundary artifacts.
Strong communication skills supporting collaboration with engineers and mission stakeholders.
What Would Be Nice To Have
CISSP, CCSP, Security+, or AWS Security Specialty certifications.
Experience supporting FBI, IC, DoD, DHS, or other national‑security systems.
Experience securing AI/ML platforms, LLM inference pipelines, retrieval systems, or sensitive‑data workloads.
Familiarity with adjudication, continuous vetting, or personnel security workflows.
Experience with zero‑trust architectures, air‑gapped deployments, or SCIF‑compatible systems.
What We Offer Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Parental Leave
401(k) Retirement Plan
Group Term Life and Travel Assistance
Voluntary Life and AD&D Insurance
Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
Transit and Parking Commuter Benefits
Short‑Term & Long‑Term Disability
Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Care.com annual membership
Employee Assistance Program
Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
Position may be eligible for a discretionary variable incentive bonus
About Guidehouse Guidehouse is an Equal Opportunity Employer – Protected Veterans, Individuals with Disabilities, or any other basis protected by law, ordinance, or regulation. Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
Location & Compensation Huntsville, AL - $64,784.00 - $97,186.00 (current salary range)
#J-18808-Ljbffr
Job Family:
IT Cyber Security
Travel Required:
Up to 10%
Clearance Required:
Active Top Secret (TS)
What You Will Do
Serve as a core security engineer ensuring the adjudication AI platform meets applicable federal requirements including FedRAMP High, RMF, NIST 800‑53, CJIS, and FBI ATO standards.
Collaborate with cloud, DevOps, backend, and AI/ML teams to embed secure architecture patterns, validate control implementation, and maintain continuous monitoring readiness across all platform components.
Develop RMF documentation, support POA&M management, conduct vulnerability assessments, ensure secure baseline configurations, and support accreditation activities.
Act as liaison between engineering teams and ISSO/security stakeholders, ensuring risks are identified, tracked, and remediated efficiently.
Implement NIST 800‑53 and FedRAMP High controls across access management, encryption, monitoring, boundary protection, configuration management, and secure data lifecycle workflows.
Validate secure configuration of AWS GovCloud services, EKS clusters, container runtimes, VPC boundaries, IAM policies, and workload identities.
Ensure backend APIs, vector stores, retrieval services, LLM inference gateways, scoring engines, and memo‑generation modules follow compliant security standards.
Embed secure coding, least‑privilege access enforcement, input validation, and hardened model‑serving workflows across all development teams.
Develop and maintain SSPs, CIS statements, boundary diagrams, data‑flow diagrams, and continuous monitoring documentation for ATO readiness.
Assist with creation, tracking, and remediation of POA&M items, ensuring timely closure of vulnerabilities and deficiencies.
Prepare system artifacts for assessments, security testing, authorization reviews, and continuous monitoring updates.
Conduct vulnerability scans, analyze results, and coordinate remediation with engineering teams.
Support patching workflows, baseline enforcement, configuration drift detection, and container/OS hardening processes.
Validate CloudTrail, CloudWatch, GuardDuty, Config Rules, and other logging/monitoring systems for compliance with AU, SI, RA, and CM control families.
Develop dashboards and reporting for CA‑7, RA‑5, CM‑6, AU‑x, and other continuous monitoring requirements.
Integrate SAST, SCA, IaC scanning, container scanning, and dependency verification into DevSecOps workflows.
Validate Terraform/CloudFormation templates for alignment with encryption, identity, and GovCloud boundary restrictions.
Review API design, authentication flows, model inference endpoints, and data‑ingestion pipelines for security gaps or policy violations.
Support hardening of LLM workflows, retrieval processes, and document‑ingestion operations.
Work with backend, cloud, AI/ML, and data engineering teams to translate controls into engineering requirements aligned with adjudication workflows.
Provide teams with security requirements, engineering checklists, and compliance guidance to accelerate delivery while maintaining security posture.
Collaborate with adjudicators, mission SMEs, and operations teams to ensure evidence tracking, audit logging, and data‑handling workflows support mission needs.
What You Will Need
Active and maintained "TOP SECRET" Federal or DoD security clearance and obtained and maintain TS/SCI clearance.
Bachelor's Degree or four (4) additional years of experience in lieu of degree.
Five or more years of cybersecurity engineering experience, including three or more years supporting RMF, FedRAMP, CJIS, or ATO systems.
Knowledge of NIST 800‑53 controls, FedRAMP High requirements, AWS GovCloud security patterns, IAM, encryption (KMS/TLS), logging pipelines, and vulnerability scanning tools.
Experience writing ATO documentation, control statements, risk assessments, and boundary artifacts.
Strong communication skills supporting collaboration with engineers and mission stakeholders.
What Would Be Nice To Have
CISSP, CCSP, Security+, or AWS Security Specialty certifications.
Experience supporting FBI, IC, DoD, DHS, or other national‑security systems.
Experience securing AI/ML platforms, LLM inference pipelines, retrieval systems, or sensitive‑data workloads.
Familiarity with adjudication, continuous vetting, or personnel security workflows.
Experience with zero‑trust architectures, air‑gapped deployments, or SCIF‑compatible systems.
What We Offer Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Parental Leave
401(k) Retirement Plan
Group Term Life and Travel Assistance
Voluntary Life and AD&D Insurance
Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
Transit and Parking Commuter Benefits
Short‑Term & Long‑Term Disability
Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Care.com annual membership
Employee Assistance Program
Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
Position may be eligible for a discretionary variable incentive bonus
About Guidehouse Guidehouse is an Equal Opportunity Employer – Protected Veterans, Individuals with Disabilities, or any other basis protected by law, ordinance, or regulation. Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
Location & Compensation Huntsville, AL - $64,784.00 - $97,186.00 (current salary range)
#J-18808-Ljbffr