Autonomy is one of the leading technological advances of this century that will come to impact our lives. The work you’ll do at Applied will meaningfully accelerate the efforts of the top autonomy teams in the world. At Applied, you will have a unique perspective on the development of cutting-edge technology while working with major players across the industry and the globe.
Applied Intuition provides software solutions to safely develop, test, and deploy autonomous vehicles at scale. The company’s suite of simulation, validation, and drive log management software enables development teams to create thousands of scenarios in minutes, run simulations at scale, and verify and validate algorithms for production deployment. Headquartered in Silicon Valley with offices in Detroit, Washington, D.C., Munich, Stockholm, Seoul, and Tokyo, Applied consists of software, robotics, and automotive experts with experiences from top global companies. Leading autonomy programs and 17 of the top 20 global OEMs use Applied’s solutions to bring autonomy to market faster.
About the role
Applied Intuition is looking for an IT professional experienced in cybersecurity risk management and compliance of software-as-a-service (SaaS) applications to fill the role of Security and Compliance Engineer in our Washington DC office. The Security and Compliance Engineer will work across the business, product, and security teams at Applied to ensure adequate security controls are being applied to manage risk.
The Security and Compliance Engineer’s primary role is to ensure that Applied’s products have the necessary security and compliance requirements relevant to our customers in the government and defense space. This includes ensuring that Applied’s products comply with the Security Technical Implementation Guides (STIGs) published by the Department of Defense (DoD), and that all Risk Management Framework (RMF) documentation is completed. The Security and Compliance Engineer will be responsible for the transmission of the relevant National Institute of Standards and Technology (NIST) expertise to the engineering team, the compilation of required documentation, and the preparation of software for vulnerability scanning.
At Applied, you will:
- Provide support of RMF assessment and documentation to product teams
- Analyze cyber vulnerabilities, assessing system compliance against security controls, and developing risk mitigation plans and strategies
- Evaluate network configurations and network architecture diagrams to design/develop cybersecurity risk programs
- Provide technical support and apply expertise in ensuring software compliance with DoD and RMF standards
- Implement policies and controls to achieve and maintain compliance with ISO, SOC2, and NIST standards
- Perform quality assurance reviews for required content on all packages in the Assessment and Authorization (A&A) process
We're looking for someone who has:
- 3+ years of experience working with the RMF Assessment Methodology, and extensive knowledge of the DoD Security A&A process
- Current DoD approved 8570 baseline certification
- Advanced degree in Cybersecurity, Computer Science, Computer Engineering, Software Engineering, Systems Engineering, or related technical field of study
- Demonstrated professional growth in cybersecurity
- Knowledge of DoD networks and architectures
- Understanding of government classified and unclassified cloud capabilities (e.g. AWS GovCloud) and can articulate its security structure
- Understanding of and experience in IC and DoD cybersecurity community
Nice to have:
- Familiarity with CMMC 2.0
- Breadth of experience with security scanning and security controls required for FedRAMP, DISA STIG, ISO27001, and CSP-specific security recommendation services
- Experience as Facility Security Officer with DoD security requirements (FOCI mitigation, CFIUS, CUI)
Don’t meet every single requirement? If you’re excited about this role but your past experience doesn’t align perfectly with every qualification in the job description, we encourage you to apply anyway. You may be just the right candidate for this or other roles.
Applicants will be required to be fully vaccinated against COVID-19 upon commencing employment. Reasonable accommodations will be considered on a case-by-case basis for exemptions to this requirement in accordance with applicable federal and state law. Applicants should be aware that for external-facing roles that involve close contact with Company employees or other third parties on the Company's premises, accommodations that involve remaining unvaccinated against COVID-19 may not be deemed reasonable. The Company will engage in the interactive process on an individualized basis taking into account the particular position.
Applied Intuition is an equal opportunity employer and federal contractor or subcontractor. Consequently, the parties agree that, as applicable, they will abide by the requirements of 41 CFR 60-1.4(a), 41 CFR 60-300.5(a) and 41 CFR 60-741.5(a) and that these laws are incorporated herein by reference. These regulations prohibit discrimination against qualified individuals based on their status as protected veterans
or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity or national origin. These regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, protected veteran status or disability. The parties also agree that, as applicable, they will abide by the requirements of Executive Order 13496 (29 CFR Part 471, Appendix A to Subpart A), relating to the notice of employee rights under federal labor laws.