Platform Security & RMF Lead

DEF CON | 🌍 Remote Worldwide | Estimated: $80,000 - $120,000

About DEFCON AI:
DEFCON AI is an insights company that leverages artificial intelligence, mathematical optimization, data analytics, and software engineering to achieve resilient optimization of complex systems. Our technology helps organizations align outcomes with operational goals, improve decision-making, and anticipate, assess, and mitigate disruptions.

About the Role:
This is a unique opportunity to define the security posture of a mission-critical DoD software platform from its inception. As the Platform Security & RMF Lead, you will own the authorization posture and platform-level security discipline for DEFCON AI’s government-facing systems. You are responsible for the full Risk Management Framework (RMF) lifecycle, from Authority to Operate (ATO) strategy through continuous monitoring, serving as the authoritative voice on system security, compliance, and authorization.

You will collaborate with Architecture and DevSecOps leadership to define security standards and ensure cross-domain data flows comply with classification and authorization requirements. This is a senior-level role requiring expert fluency in DoD security frameworks, RMF processes, and cleared-system environments.

Key Responsibilities:

  • ATO Strategy & RMF Ownership: Define and execute the ATO pathway, author and maintain RMF documentation (SSP, SAP, SCTM, ConMon) per DoDI 8510.01 and NIST 800-53, coordinate with eMASS and Authorizing Officials, and lead continuous monitoring and reauthorization efforts.
  • Cross-Domain Security & Classification Policy: Define security requirements for cross-domain data flows (IL-5, IL-6, tactical edge), evaluate and guide selection of DoD-approved cross-domain solutions, and ensure classification-aware data segmentation is enforceable and aligned with policy.
  • Multi-Enclave Security Architecture: Support secure operation across NIPR, SIPR, and higher classification environments, define authorization approaches across enclaves, ensure security posture scalability, and maintain alignment with evolving joint and service-level security requirements.
  • Platform Security Advisory: Serve as the authoritative internal resource for DoD security and RMF questions, advise on container security, RBAC, service mesh security, PKI/CAC integration, and secrets management, define expectations for security scanning and vulnerability management, and evaluate new capabilities for security impacts.

Required Qualifications:

  • 10+ years of information assurance or security engineering experience with increasing seniority.
  • 5+ years of hands-on RMF/ATO package ownership for DoD production systems, including at least one full authorization cycle.
  • Deep familiarity with DoD security frameworks, RMF processes, and NIST 800-53 controls.
  • Proven ability to operate in complex, multi-enclave or classified environments.
  • US Citizenship Required.
  • Active Secret Clearance.
  • Willingness to travel up to 25%.

Preferred Qualifications:

  • Active TS/SCI Clearance.
  • Experience supporting USMC or Service-level network environments.
  • Experience with ATO inheritance, reciprocity, or common control provider model.
  • Experience with cross-domain solutions or multi-level security architectures.
  • Familiarity with Palantir Foundry or Anduril Lattice environments.
  • Prior experience as an ISSO, SCA, or similar senior DoD security role.

What Success Looks Like:

  • A clear ATO pathway is defined, approved, and progressing.
  • RMF artifacts and compliance evidence are integrated into the delivery process.
  • Cross-domain data flows are secure by design with embedded classification policy.
  • The platform operates securely across multiple enclaves without requiring re-architecture.
  • Engineering teams proactively engage security early in design decisions.
  • Government stakeholders view the system’s security posture as credible and audit-ready.

What We Offer:

  • A fully remote, results-based environment.
  • Competitive salary, bonus, and equity package.
  • 100% employer-paid comprehensive health insurance (medical, dental, vision) for family.
  • Unlimited PTO (with manager approval).
  • Flexible work environment.
  • 14 weeks of fully-paid parental leave.

Salary Range: $175,000 - $215,000.

Job Overview

Posted: 6/4/2026
Category: Cybersecurity
Source: JobsCollider
