• Security Assurance Manager

    Job Location US-LA-New Orleans
    Posted Date 2 weeks ago (8/12/2019 9:18 AM)
    Job ID
    Clearance Requirement
    Public Trust
  • Overview

    Design. Disrupt. Repeat.

    Be an agent of change and the first line of information security defense on a team committed to achieving client-focused, mission-driven excellence within the Department of Interior. Steampunk is looking for an experienced Security Assurance Manager with an appetite for taking on new challenges.


    Who We Are

    Steampunk is the explosive collision of human-centered design and traditional government contracting. An employee-owned company with a startup mindset and time-tested approaches tailored for the federal government, we’re passionate about creating solutions that are impactful, practical, scalable, and most importantly, that meet our clients’ ever-changing needs.

    At Steampunk, we believe in disrupting the status quo and setting the pace in the ecosystem of government contractors, while repurposing tried-and-true methodologies. We believe in empowering our people to find creative solutions to intractable problems. We believe the best environment in which to grow and thrive is outside our comfort zone.

    While good design makes for a good product, we believe human-centered design makes for an excellent one.

    We also believe effective teams are powered by diverse perspectives, backgrounds, and experiences. To that end, Steampunk is an equal opportunity employer committed to promoting diversity of race, gender, sexual orientation, religion, ethnicity, national origin, disability status, and protected veteran status, amongst our ranks.  Additionally, we participate in the E-Verify program.

    Why Steampunk?

    Our people are the very core of what we do; their expertise and hunger for new and exciting challenges fuel our relentless pursuit of mission success. As part of our team of “Punks,” you’ll test the status quo, explore new boundaries, and set the bar high for how government clients expect to engage with contractors.

    Because we value our employees’ work/life balance (and believe those who work hard deserve to play hard), we offer a very competitive benefits package, including telework/flex scheduling, health/dental with orthodontics/vision insurance upon hire, paid time off with a sell-back benefit and carryover option, 11 Federal Holidays, 100% paid military leave, 100% 401(k) plan match upon hire, professional development/education reimbursement, all flexible spending accounts, and more.  




    Steampunk is looking for a Security Assurance Manager (SAM) who will be responsible and accountable for all security activities related to TIMS infrastructure, applications, development, and operations. The SAM will work closely and be accountable to the Government Information Systems Security Officer (ISSO) to ensure that all TIMS infrastructure and systems meet all applicable NIST, DOI, and agency security requirements.


    Essential Duties and Responsibilities:

    • Advises the ISSO regarding security considerations in applications systems procurement and development, implementation, operation and maintenance, and disposal activities (i.e., life cycle management). 
    • Leads all contractor security staff in meeting Government objectives and mandates.
    • Ensures that all applicable NIST SP 800-53 security controls are addressed during development. Works closely with development leads, solution architects, DBAs, and system administrators to ensure that all TIMS development and operations meet applicable NIST, DOI, and OMB security requirements and guidelines.
    • Reports POA&M status to ISSO.
    • Represents Contractor TIMS security in all meetings (e.g. Configuration Management Board meetings).
    • Works with the ISSO to manage TIMS related activities of the BSEE Continuous Diagnostics and Mitigation (CDM) Program. This includes coordinating control assessments during the year. Provides input to ISSO on all security related data calls (e.g. FISMA quarterly updates).
    • Identifies and reports any potential TIMS weakness/vulnerability to the ISSO. This includes updating the BSEE Trigger Log with any security findings or control failures.
    • Assists in the determination of appropriate security configuration commensurate with the level of data sensitivity.
    • Assists in the development and maintenance of security and contingency plans for TIMS.
    • Works with the ISSO on security impact analysis of system safeguards and program elements and in Authorization and Assessment (A&A) activities. 
    • Coordinates the resolution of weaknesses identified in POA&Ms.
    • Reports POA&M resolution status to the ISSO on a regular basis. Prioritizes action plans based on input from ISSO and other Government stakeholders. Works with POA&M owners to ensure timely status reporting to the ISSO.
    • Acts as the main Contractor point of contact (POC) for all security incidents involving TIMS.
    • Provides oversight of vulnerability scanning and penetration testing of systems/networks. Ensures that security tools are properly used and maintained. Ensures that vulnerability mitigation is performed according to Government policy and procedure including the tracking of residual vulnerabilities. 
    • Supports the ISSO in all third party assessments (e.g. OIG assessments).





    • Bachelor's degree in Computer Science, Cyber Security, Engineering, Information Systems or similar technical disciplines and/or equivalent work experience
    • 12+ years of experience in hands-on roles providing information security engineering, architecture, and governance supporting
    • 3+ years in a SAM or similar role covering scope and scale as required in this call order
    • Must hold a nationally recognized security certification (e.g. CISSP, CISM) 
    • Deep knowledge of Security Frameworks such as NIST SP 800-53
    • Deep knowledge of Security Engineering for Application Development

    About Steampunk


    Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors.  Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges.  As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers – and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit


    We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program. 

