Senior Security Engineer – Governance, Risk & Compliance; SSP Lead

Overview

Job Title:
Senior Security Engineer – Governance, Risk & Compliance (SSP Lead)

Location:
Austin, TX – Hybrid - inperson interview

Job Description:

• MUST HAVE: 12+ years of experience with deep focus on Governance, Risk, and Compliance (GRC), Enterprise Security and Security Architecture, Vulnerability Management and Penetration Testing, and Cloud Security in hybrid environments
• MUST HAVE: 10+ years of proven experience owning and managing end-to-end System Security Plan (SSP) development.
• MUST HAVE: 10+ years of hands-on experience with CMS MARS-E v2.2 or comparable federal/state security frameworks.
• MUST HAVE: 10+ years of strong expertise in control implementation documentation
  , audit evidence collection and validation, and POA&M creation, tracking, and remediation management.
• MUST HAVE: 8+ years of experience translating technical security issues into compliance-aligned remediation actions.
• MUST HAVE: 8+ years of strong stakeholder management experience across security, infrastructure, and application teams.
• MUST HAVE: 8+ years of excellent written and verbal communication skills, particularly supporting executive stakeholders.
• MUST HAVE: 8+ years of knowledge of NIST 800-53, NIST RMF, and privacy controls.
• MUST HAVE: 8+ years of knowledge and experience with Secure SDLC and Dev Sec Ops  practices.
• Preferred: 5+ years of experience operating in multi-vendor, multi-platform environments.
• Preferred: 5+ years of demonstrated ability to reduce repeat audit findings and improve compliance maturity.
• Preferred: 5+ years of experience mentoring or guiding teams on security governance best practices.
• Preferred: 1+ year of experience supporting HHSC systems, including SSP development and compliance