About Huntridge Labs
Overview
Huntridge Labs is a digital engineering company focused on delivering modern solutions for public benefit that are backed by emerging technologies.
Mission over Margin
We value serving the client mission over everything else. We believe there are too many public sector-focused firms in this industry that are distracted by their bottom line, forcing their customers and the public to take a back seat. We started Huntridge Labs to be better. We are here to benefit the general public by helping the government solve critical technology challenges.
We Do Not Settle for Mediocrity
Our philosophy is "A's hire A's." As such, we hire top talent into every position. We roll up our sleeves to solve our industry’s toughest challenges, which requires incredibly talented people at our side. We offer one of the best benefits packages in the industry to prove our commitment to attracting and retaining the best talent. We also understand that our company may not be for everyone. Every new employee is subject to a 90-day probationary period. If this is not a good fit, we may decide to part ways. We will make sure you are taken care of financially until you can find a new role.
About You
Regardless of the role you are applying for, you will be a great fit in Huntridge Labs if this describes you:
- You are a top performer in your current role
- You are radically collaborative and transparent with your peers, clients, and leadership
- You enjoy succeeding as a team
- You love solving problems and trying new things
- You hate bureaucracy, red tape, and wasteful processes
- When you see something that's broken, you fix it
- "That's not my job" doesn't exist in your vocabulary
If you do not meet the qualifications listed below, but believe you are fully capable of doing this job, please apply anyway.
About the role:
We are looking for a Senior Cybersecurity Engineer who thinks like a Solution Architect. In this role, you will be the driving force behind modernizing our federal client’s Governance, Risk, and Compliance (GRC) framework.
You will leverage your deep expertise in business process re-engineering, the Risk Management Framework (RMF), and the ServiceNow GRC/IRM platform to architect, design, and implement a more automated, integrated, and data-driven approach to cybersecurity compliance.
You will move beyond traditional, static compliance activities and build a forward-looking GRC capability that enables continuous monitoring and informed, risk-based decision-making.
What you'll do:
- Solution Architecture & Strategy: Design and architect end-to-end GRC solutions within the federal space, translating complex RMF requirements into streamlined, automated workflows within the ServiceNow GRC platform.
- Process Re-engineering & Optimization: Lead business process re-engineering initiatives. Utilize business process mapping ("as-is" and "to-be") and Lean Six Sigma principles to analyze, redesign, and optimize GRC and RMF workflows for maximum efficiency, reduced waste, and effective automation.
- GRC Modernization: Lead initiatives to transform traditional, manual RMF processes into a dynamic and efficient program. Develop strategic roadmaps for maturing GRC capabilities, focusing on automation, control inheritance, and continuous monitoring.
- ServiceNow GRC Implementation: Serve as the subject matter expert for the ServiceNow GRC/Integrated Risk Management (IRM) module. Lead the configuration, implementation, and optimization of policies, control objectives, risk frameworks, compliance assessments, and audit management based on optimized business processes.
- RMF Expertise & Automation: Apply expert knowledge of NIST SP 800-37 (RMF), NIST SP 800-53, and the Authorization to Operate (ATO) process. Architect solutions that automate evidence collection, control testing, and generation of compliance artifacts (e.g., System Security Plans).
- Stakeholder Collaboration: Work closely with federal stakeholders, including ISSOs, System Owners, and leadership, to understand challenges and requirements. Communicate complex technical and process-oriented solutions to both technical and non-technical audiences.
- Technical Leadership: Mentor junior engineers, provide guidance on GRC best practices, and lead proof-of-concept projects for new GRC automation technologies and integrations.
- Documentation & Reporting: Develop high-quality architectural diagrams, solution designs, process flow diagrams, SOPs, and strategic briefs. Design and configure dashboards in ServiceNow to provide leadership with real-time visibility into the agency's risk and compliance posture.
Qualifications:
Required Qualifications
- Experience: 10+ years of progressive experience in cybersecurity, with at least 5 years focused on federal information assurance, security compliance, and the Risk Management Framework (RMF).
- ServiceNow GRC: 3+ years of hands-on experience designing, implementing, or managing the ServiceNow GRC or Integrated Risk Management (IRM) module.
- Solution Architecture Mindset: Demonstrated experience in a solution architect or similar capacity, with the ability to design and implement complex, enterprise-wide technology solutions.
- NIST Expertise: Deep understanding of NIST Special Publications, including SP 800-37, SP 800-53, and the NIST Cybersecurity Framework (CSF).
- Citizenship & Clearance: Must be a U.S. Citizen and able to obtain and maintain a federal security clearance (Public Trust, Secret, or Top Secret).
- Communication: Excellent written and verbal communication skills, with a proven ability to present to executive-level stakeholders.
Preferred Qualifications
- Active federal security clearance (Public Trust, Secret, or Top Secret).
- Experience in business process mapping (e.g., BPMN, Visio) and applying process improvement methodologies such as Lean Six Sigma. Formal certification (e.g., Green Belt, Black Belt) is highly desirable.
- Advanced cybersecurity certifications such as CISSP, CISM, CGRC, or ServiceNow Risk and Compliance (CIS-RC) certification.
- Experience with cloud security in federal environments (e.g., FedRAMP, AWS GovCloud, Azure Government).
- Knowledge of scripting languages (Python, PowerShell) to facilitate automation and integration.
- Experience integrating security tools (e.g., vulnerability scanners, SIEM) with the ServiceNow GRC platform.
- Bachelor’s or Master’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
Salary Range: $150-$160k