Senior Security Engineer

Open to any office location/Remote /
Nava Roles - Engineering – Security /
Nava is at the forefront of reimagining how our government serves its people, and we’re looking for experienced security engineers to help drive this mission forward.
You will work on a small team, helping to improve and manage all aspects of the clients' systems systems, which are deployed on AWS. We work as integrated teams of Security, Infrastructure, and Software Engineers. We make heavy use of tools such as Docker, Terraform, and Jenkins and we continually evaluate new technologies as they become production-ready for government contexts.
You'll be responsible for the security of these critical systems. By doing this, you’ll help ensure that Nava continues delivering services that millions of Americans depend on. You care deeply about working on technology that affects people’s lives, and are passionate about designing for security, building secure infrastructure, and maintaining secure systems.

What you’ll do

Work to define the security posture of CMS cloud in collaboration with CMS and other partner contractors. Responsible for maintaining the Authority To Operate for all CMS Cloud systems under Nava’s control. Work with Software Engineers and Infrastructure Engineers to make our technical designs secure from the startDevelop processes and technology to enable automated defense and detection at the operating system and container levelWork with Software Engineers to ensure that frontend and backend application code is secure against various types of attacksImplement and manage security tools such as scanners to help keep infrastructure, operating systems, containers, and applications secure.

What we’re looking for

- Previous experience securing a medium or large scale production system
- Experience building a security team supporting a large, multi vendor cloud system. 
- Familiarity with US government compliance requirements. (CMS compliance standards, ARS or MARS-e preferred)
- Experience leading an ATO for a large government system. 
- Significant experience in one or more of: Cloud security, Linux/Unix OS and container security, web application and API security
- Experience securing data at rest (encryption) and in transit (SSH and HTTPS)
- Ability to automate procedural tasks using scripting or coding in Python, Javascript, or Ruby
- A thoughtful, adaptive, and collaborative mindset
- Excellent written and verbal communication skills, technical and otherwise
- Ability to pick up and learn new security, development, and operations skills
- Years of experience: 10 
- Education: Due to contractual requirements, requires a Bachelor's Degree (in any discipline) or equivalent experience.

Lead Specific: Ability to explain security best practice to less technical stakeholdersAbility to lead security projects from kick-off to implementationBonus: Management experience

Remote states Nava is actively hiring in: California, DC, Florida, Georgia, Illinois, Louisiana, Maryland, Massachusetts, Michigan, North Carolina, New Jersey, New York, Oklahoma, Oregon, Pennsylvania, Rhode Island, Texas, Virginia, Washington.** If you are not living in one of the states listed above, unfortunately, you will not be considered for a position at this time.

We're a small team working to radically improve our government, so everyone that joins us has a direct impact on the direction and success of Nava. We are stewards – we hold a deep responsibility towards the systems that we work with. We are a community – we value collaboration both within our teams and with the many hardworking people within government. We offer generous benefits and equity.

We care deeply about diversity and inclusion at Nava. We are an equal opportunity employer and do not discriminate on the basis of race, religion, color, national origin, gender, sexual orientation, age, marital status, veteran status, or disability status.

Note: We participate in E-Verify. Upon hire, we will provide the federal government with your Form I-9 information to confirm that you are authorized to work in the U.S. This role is required to work from the contiguous United States.