[Hiring] Cybersecurity Lead @Foxhole Technology, Inc.

Role Description

Foxhole is seeking a Cybersecurity Team Lead (Senior Information Security Analyst). This position will manage and enforce cybersecurity posture, assessments, compliance, and monitoring activities.

• Lead the design, implementation, and continuous improvement of enterprise cybersecurity frameworks across GovCloud environments, ensuring alignment with DoD security requirements.
• Manage the full Risk Management Framework (RMF) lifecycle, including control selection, tailoring, inheritance, and mapping.
• Architect and sustain automated compliance and continuous monitoring pipelines, enabling real-time RMF evidence generation, vulnerability scanning, AWS security, or equivalent platforms.
• Maintain and govern cybersecurity architecture artifacts, including system security plans, system diagrams, and data flow mappings to support audit readiness and system authorization.
• Direct vulnerability management and remediation programs, including coordination of scanning and POA&M tracking to ensure timely risk mitigation.
• Ensure compliance with DISA STIGs, SRGs, and PPSM requirements through continuous validation, audits, and control assessments.
• Collaborate with Authorizing Officials (AOs), Security Control Assessors (SCAs), and engineering teams to obtain and sustain Authorization to Operate (ATO).
• Lead the security integration into DevSecOps pipelines, ensuring automated security testing, compliance enforcement, and secure code deployment practices.
• Oversee development and maintenance of key security documentation, including System Security Plans (SSPs), Security Assessment Reports (SARs), Incident Response Plans (IRPs), and Contingency Plans.
• Lead incident response efforts, including detection, analysis, containment, and reporting, ensuring alignment with organizational and regulatory requirements.
• Mentor and guide junior analysts, while communicating security posture, risk metrics, and compliance status effectively to senior leadership and stakeholders.

Qualifications

• At least 7 years of experience in cybersecurity, compliance, or RMF program management.
• Hands-on experience managing assessment and authorization activities within eMASS (or similar tool) and implementing RMF controls in GovCloud environment.
• Strong understanding of RMF, DISA STIGs/SRGs, and Cloud Computing SRG.
• Knowledge of FedRAMP, NIST SP 800-53, and CMMC frameworks.
• Experience with vulnerability scanning and compliance validation technologies.
• Strong understanding of cloud security (AWS, OCI, etc.).
• Ability to work independently, and part of team, in a high-intensity fast-paced environment.
• Familiarity with security best practices and compliance requirements.
• Excellent troubleshooting and problem-solving skills.
• Active DoD Secret Clearance.
• Continental travel may be required.

Requirements

• Bachelor’s (BS) degree in relevant field – strongly preferred but not required.
• Certifications such as CISSP, CISM, or similar cert is preferred.
• Familiarity with security tools and frameworks such as ACAS, Nessus, cloud-based scanning technologies, etc.
• Experience supporting FedRAMP accreditations is a plus.
• Knowledge of computer network defense process and procedures.

Benefits

• Think analytically, effective verbal and written communication skills.
• Make decisions, observe/remember details, interpret data, concentrate on tasks.
• Adjust to change, handle stress/emotions.
• Regular attendance, maintain work schedule, attend meetings, meet deadlines.
• Keyboard/type, handle confidential information, use math/calculations, stay organized, operate office equipment, may direct others.
• May be exposed to dust/dirt, humidity, and noise.