×
Apply for Jobs Apply for Jobs Post a Job Post a Job Local Jobs Home
Register Here to Apply for Jobs or Post Jobs. X
More jobs:
Cybersecurity Information Security

Senior Cybersecurity Engineer - Compliance & Risk Management

Job in Alexandria, Fairfax County, Virginia, 22350, USA
Listing for: Human Resources Research Organization
Full Time position
Listed on 2025-12-25
Job specializations:
  • IT/Tech
    Cybersecurity, Information Security
Job Description & How to Apply Below

Senior Cybersecurity Engineer - Compliance & Risk Management

The Human Resources Research Organization (HumRRO) is a non-profit leader in developing high-impact services and products in the arenas of employment, military, student testing, and professional credentialing and licensure. We work with federal and state government agencies, private sector organizations, and professional associations.

Overview

HumRRO is a non-profit organization dedicated to work that contributes to science and society. Our employees enjoy a collaborative and supportive environment that fosters innovation, ethical practice, and outstanding customer service. Our core operational staff includes Industrial-Organizational Psychologists, Educational Researchers, and Behavioral Science Consultants. We are committed to supporting a diverse workforce and to practicing equity and inclusion for all staff.

About

the Job

We are seeking a Senior Cybersecurity Engineer to lead enterprise compliance and security programs across federal, state, and private sector engagements. This role manages multiple compliance frameworks including CMMC, FedRAMP, SCRM, NIST 800-171/800-53, and ISO 27001:2022 regulatory requirements. You will work on compliance standards across hybrid cloud environments while leading a team of junior engineers conducting vulnerability assessments and security scanning operations.

A significant portion of this role involves creating security documentation, developing compliance policies, responding to time-critical security requirements from clients, and managing third-party compliance audits.

Responsibilities
  • Lead enterprise cybersecurity compliance programs (CMMC, FedRAMP, SCRM, NIST frameworks, ISO 27001:2022)
  • Manage monthly compliance reporting and KPI dashboards for executive leadership
  • Coordinate third-party compliance audits (NIST 800-171, CMMC, ISO 27001, FedRAMP) and remediation activities
  • Maintain compliance evidence catalogs and SaaS compliance implementation controls
  • Evaluate and implement security controls across software applications and cloud platforms AWS, Azure, and Office 365
  • Oversee Risk Management Framework (RMF) processes for government contract organizations as well as applications in the DoD space (ATO/IATT/IATO documentation)
  • Conduct weekly Plan of Action and Milestone (POA&M) reviews and monthly security assessments
  • Develop and maintain security policies, procedures, and technical standards
  • Lead vulnerability management programs and conduct security assessments and penetration testing coordination
  • Manage business continuity of operations (COOP) program including disaster recovery and crisis management plans
  • Lead incident response and security event investigation
  • Mentor and manage junior cybersecurity engineers and analysts
  • Interface with federal agencies, auditors, and compliance assessors
  • Work with system architects for security requirements on existing cloud workloads, cloud migrations and/or hybrid environments
  • Facilitate and oversee completion of all customers' cyber security questionnaires and qualifications with time-critical deadlines
  • Coordinate with HumRRO Contracts Division on written responses to RFPs regarding IT security, controls, data privacy and regulatory compliance
  • Assist with implementation and administration of cybersecurity supply chain risk management (C-SCRM) program
  • Develop compliance documentation and security narratives for proposals
  • Support business development with technical security expertise
  • Serve as subject matter expert on internal security controls and regulations
Minimum Requirements
  • US Citizen with ability to obtain/maintain security clearance
  • Work on-site at Alexandria VA (Up to 2 remote days possible after probation period)
  • Bachelor's degree in Cybersecurity, Computer Science, or equivalent field. Work experience may be considered in lieu of degree
  • 7+ years of cybersecurity engineering and compliance experience
  • 5+ years of enterprise experience managing Risk and Compliance efforts including multiple regulatory and standard security frameworks
  • Existing Security+ certification or the ability to obtain within 6 months (CISSP, CCSP, or CISM preferred)
  • Deep expertise in NIST 800-171,…
Position Requirements
10+ Years work experience
To View & Apply for jobs on this site that accept applications from your location or country, tap the button below to make a Search.
(If this job is in fact in your jurisdiction, then you may be using a Proxy or VPN to access this site, and to progress further, you should change your connectivity to another mobile device or PC).
 
 
 
Search for further Jobs Here:
(Try combinations for better Results! Or enter less keywords for broader Results)
Location
Increase/decrease your Search Radius (miles)

Job Posting Language
Employment Category
Education (minimum level)
Filters
Education Level
Experience Level (years)
Posted in last:
Salary
Advanced Search