DaVita is a leader in quality care and education for chronic kidney disease and end-stage renal disease. Since 1999, the company has worked toward a mission to

InfoSec Engineer – Compliance, ATO

ComplianceComplianceFull TimeRemoteSeniorCompany Site

Location

United States

Posted

39 days ago

Salary

Not specified

Seniority

Senior

Professional Certificate5 yrs expEnglishAWSAzureCloudKubernetesOpen ShiftType Script

Job Description

• Own and execute our strategy for how we approach ATOs across our customers. • Lead the end-to-end ATO process for IL-6 (SIPR) and IL-7(JWICS) environments, through full authorization and follow-on compliance. • Own RMF (Risk Management Framework) documentation and control implementation across multiple simultaneous ATOs • Work with 3PAOs and federal government AOs to achieve compliance certifications and reports • Ensure the implementation, oversight, monitoring, and maintenance of security configurations, practices, and procedures • Serve as a liaison between system owners and other security personnel, ensuring that selected security controls are effectively implemented and maintained throughout the lifecycle of projects • Interface directly with government ISSMs, AOs, and security stakeholders to manage authorization packages and navigate accreditation tools (XACTA, eMASS) • Design and implement role-based access controls, data classification frameworks, and audit logging capabilities for classified environments • Architect solutions for handling TS/SCI data with proper controls and separation that meet DoD requirements • Ensure compliance with DISA STIGs, SRGs, NIST 800-53, and DoD hardening standards • Build scalable systems and processes for managing ATOs across different customers and sponsors • Coordinate with platform engineering teams on security roadmap priorities and technical implementation • Manage relationships with government sponsors and identify opportunities to parallel-path authorization efforts • Work closely with mission engineering teams deploying to classified environments and partner with compliance engineering on FedRAMP and CMMC efforts • Brief executive leadership on ATO status, risks, and strategic decisions

Job Requirements

Must have personally led or been deeply involved in achieving ATOs or DISA provisional authorizations
5+ years in information security, with significant time in government/DoD compliance
Direct experience with RMF, NIST 800-53, DISA STIGs, and IL-4/IL-5/IL-6/IL-7 environments
Track record of working closely with government ISSMs, AOs, to navigate and expedite bureaucratic processes
Experience with XACTA, eMASS, or similar government accreditation platforms
Deep understanding of classified network architectures (SIPR, JWICS)
Experience implementing RBAC, audit logging, and data classification systems
Knowledge of cloud security in AWS GovCloud, Google Government, and Azure Government
Familiarity with container security, Kubernetes/OpenShift in classified environments
Understanding of cross-domain solutions and data transfer between classification levels
Ability to navigate complex government processes and build relationships with government stakeholders
Strong written communication for technical documentation and compliance artifacts
Must hold an active U.S. TS Security clearance with SCI Eligibility.

Benefits

Health, dental, and vision insurance
Remote friendly with WeWork access
Unlimited PTO, shared downtime during the federal holiday calendar, and company-wide off time at the end of each year
401(k) match
Lifestyle & wellbeing stipends
Salary top-up during military reserve duty
Fully paid parental leave
Child and pet care reimbursement during travel