Platform Security & RMF Lead

June 3, 2026

Other Jobs To Apply

No other job posts for this day.

<div class="content-intro"><h3>About Us</h3> Red Cell Partners is an incubation firm building and investing in rapidly scalable technology-led companies that are bringing revolutionary advancements to market in three distinct practice areas: healthcare, cyber, and national security. United by a shared sense of duty and deep belief in the power of innovation, Red Cell is developing powerful tools and solutions to address our Nation’s most pressing problems.</div>ABOUT DEFCON AI RESILIENCE IN THE FACE OF DISRUPTION. DEFCON AI is an insights company that leverages artificial intelligence, mathematical optimization, data analytics, and software engineering for resilient optimization of complex systems. In today’s dynamically changing world, DEFCON AI’s technology aligns outcomes with operational goals, better decision making, and empowers customers to anticipate assess, and mitigate the impacts of disruptions. <div> About the Role <div> This is a rare opportunity to define the security posture of a mission-critical DoD software platform from the ground up. As the Platform Security & RMF Lead, you will own the authorization posture and platform-level security discipline for DEFCON AI’s government-facing systems and integration platform. You are responsible for the full RMF lifecycle—from ATO strategy through continuous monitoring—and serve as the authoritative voice on whether the system is secure, compliant, and authorized to operate. You will work closely with Architecture and DevSecOps leadership to define the security standards the platform must meet, while ensuring cross-domain data flows comply with classification and authorization requirements. This is a deeply specialized role requiring expert-level fluency in DoD security frameworks, RMF processes, and cleared-system environments. This is a senior level role combining hands-on RMF execution with platform-wide security leadership. You will guide both government stakeholders and engineering teams through complex authorization, classification, and security decisions. Key Responsibilities ATO Strategy & RMF Ownership <ul> <li data-leveltext="" data-font="Symbol" data-listid="26" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Define and execute the ATO pathway, including responsibility allocation across government and contractor teams</li> <li data-leveltext="" data-font="Symbol" data-listid="26" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Author and maintain RMF documentation (SSP, SAP, SCTM, ConMon) in accordance with DoDI 8510.01 and NIST 800-53</li> <li data-leveltext="" data-font="Symbol" data-listid="26" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Coordinate with eMASS and Authorizing Officials on assessment and authorization activities</li> <li data-leveltext="" data-font="Symbol" data-listid="26" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Lead continuous monitoring and reauthorization efforts across the system lifecycle </li> </ul> Cross-Domain Security & Classification Policy <ul> <li data-leveltext="" data-font="Symbol" data-listid="27" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Define security requirements for cross-domain data flows (IL-5, IL-6, tactical edge)</li> <li data-leveltext="" data-font="Symbol" data-listid="27" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Evaluate and guide selection of DoD-approved cross-domain solutions</li> <li data-leveltext="" data-font="Symbol" data-listid="27" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Ensure classification-aware data segmentation is enforceable, auditable, and aligned with policy (e.g., NOFORN, REL_TO, ORCON)</li> <li data-leveltext="" data-font="Symbol" data-listid="27" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Review system architecture to ensure compliant handling of classified data flows </li> </ul> Multi-Enclave Security Architecture <ul> <li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Support secure operation across NIPR, SIPR, and higher classification environments</li> <li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Define authorization approaches (inheritance vs. standalone ATOs) across enclaves</li> <li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Ensure security posture scales without requiring fundamentally different architectures</li> <li data-leveltext="" data-font="Symbol" data-listid="28" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Maintain alignment with evolving joint and service-level security requirements </li> </ul> Platform Security Advisory <ul> <li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Serve as the authoritative internal resource for DoD security and RMF-related questions</li> <li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Advise on container security, RBAC, service mesh security, PKI/CAC integration, and secrets management</li> <li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Define expectations for security scanning, container hardening, and vulnerability management (without owning the pipeline)</li> <li data-leveltext="" data-font="Symbol" data-listid="29" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Evaluate new capabilities for security and authorization impacts prior to production deployment </li> </ul> Required Qualifications <ul> <li>10+ years of information assurance or security engineering experience with increasing seniority</li> <li>5+ years of hands-on ownership of RMF / ATO packages for DoD production systems, including at least one full authorization cycle (categorization → controls → implementation → assessment → authorization → ConMon).</li> <li>Deep familiarity with DoD security frameworks, RMF processes, and NIST 800-53 controls</li> <li>Proven ability to operate in complex, multi-enclave or classified environment</li> <li>US Citizenship Required</li> <li>Active Secret Clearance</li> <li>Willing to travel up to 25% for business needs </li> </ul> Preferred Qualifications <ul> <li>Active TS/SCI Clearance</li> <li>Experience supporting USMC or Service-level network environments</li> <li>Experience with ATO inheritance, reciprocity, or common control provider model</li> <li>Experience with cross-domain solutions or multi-level security architectures \</li> <li>Familiarity with Palantir Foundry or Anduril Lattice environments</li> <li>Prior experience as an ISSO, SCA, or in a similar senior DoD security role </li> </ul> What Success Looks Like <ul> <li>A clear ATO pathway is defined, approved by stakeholders, and actively progressing</li> <li>RMF artifacts and compliance evidence are built into the delivery process—not created after the fact</li> <li>Cross-domain data flows are secure by design, with classification policy embedded at the data level</li> <li>The platform operates securely across multiple enclaves without requiring re-architecture at each level</li> <li>Engineering teams proactively engage security early in design decisions</li> <li>Government stakeholders view the system’s security posture as credible, well-managed, and audit-ready </li> </ul> </div> What We Offer: <ul> <li>A fully remote, results-based environment</li> <li>Competitive salary, bonus, and equity package</li> <li>100% employer paid, comprehensive health insurance including medical, dental, and vision for you and your family</li> <li>Unlimited PTO, with your manager’s approval</li> <li>Flexible work environment where you manage your work day</li> <li>14 weeks of fully-paid parental leave</li> </ul> Salary Range: $175,000-$215,000. This represents the typical salary range for this position based on experience, skills, and other factors. </div><div class="content-conclusion">Our Red Cell Partners Benefits: For full-time roles <ul> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Career track opportunity with potential for rapid advancement with strong performance as the firm grows </li> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">100% employer paid, comprehensive health care including medical, dental, and vision for you and your family.</li> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Paid maternity and paternity for 14 weeks at employees' normal pay.</li> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Unlimited PTO, with management approval.</li> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Opportunities for professional development and continued learning.</li> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Optional 401K, FSA, and equity incentives available.</li> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Mental health benefits are available through <a href="https://www.taramind.com/">Tara Mind</a>. </li> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="8" data-aria-level="1">Cost effective GLP-1 solutions available through <a href="https://soon.getcrux.com/">Crux</a>. </li> </ul> We’re an Equal Opportunity Employer: You’ll receive consideration for employment without regard to race, sex, color, religion, sexual orientation, gender identity, national origin, protected veteran status, or on the basis of disability. <hr> Applicant Data Disclosure By submitting an application, you acknowledge that Red Cell Partners, LLC ("Red Cell") uses third-party service providers to facilitate its recruitment and hiring processes. These providers include applicant tracking systems, candidate verification platforms, and fraud detection tools (collectively, "Hiring Platforms"). Your application materials, including your résumé, cover letter, work samples, responses to application questions, and any other information you submit, may be transmitted to and processed by these Hiring Platforms for the following purposes: <ul> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="1" data-aria-level="1">Managing and administering your application throughout the hiring process; </li> </ul> <ul> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="2" data-aria-level="1">Verifying the accuracy and authenticity of application materials, including by cross-referencing information you provide against publicly available sources and proprietary databases; </li> <li data-leveltext="" data-font="Symbol" data-listid="1" data-list-defn-props="{" 335552541":1,"335559685":720,"335559991":360,"469769226":"symbol","469769242":[8226],"469777803":"left","469777804":"","469777815":"hybridmultilevel"}"="" data-aria-posinset="3" data-aria-level="1">Identifying indicators of potentially fraudulent, fabricated, or materially misleading application content, including but not limited to discrepancies between submitted materials and publicly available professional profiles, geographic anomalies, and fabricated work histories. </li> </ul> Applications that are flagged through this process as containing indicators of fraud or material misrepresentation may be declined from further consideration. If you have questions about the status of your application or the evaluation process, please contact talent<a href="mailto:recruiting@redcellpartners.com">@redcellpartners.com</a>. Red Cell requires its Hiring Platform providers to process your information solely for the purposes described above and in accordance with applicable law. Your information will be retained only for as long as necessary to fulfill these purposes and any applicable legal obligations, after which it will be deleted in accordance with Red Cell's data retention policies. For more information about how your data is used, please refer to our Privacy Policy and <a href="https://www.redcellpartners.com/applicant-privacy-policy/">Applicant Privacy Notice</a>. </div>

Back to blog

Common Interview Questions And Answers

1. HOW DO YOU PLAN YOUR DAY?

This is what this question poses: When do you focus and start working seriously? What are the hours you work optimally? Are you a night owl? A morning bird? Remote teams can be made up of people working on different shifts and around the world, so you won't necessarily be stuck in the 9-5 schedule if it's not for you...

2. HOW DO YOU USE THE DIFFERENT COMMUNICATION TOOLS IN DIFFERENT SITUATIONS?

When you're working on a remote team, there's no way to chat in the hallway between meetings or catch up on the latest project during an office carpool. Therefore, virtual communication will be absolutely essential to get your work done...

3. WHAT IS "WORKING REMOTE" REALLY FOR YOU?

Many people want to work remotely because of the flexibility it allows. You can work anywhere and at any time of the day...

4. WHAT DO YOU NEED IN YOUR PHYSICAL WORKSPACE TO SUCCEED IN YOUR WORK?

With this question, companies are looking to see what equipment they may need to provide you with and to verify how aware you are of what remote working could mean for you physically and logistically...

5. HOW DO YOU PROCESS INFORMATION?

Several years ago, I was working in a team to plan a big event. My supervisor made us all work as a team before the big day. One of our activities has been to find out how each of us processes information...

6. HOW DO YOU MANAGE THE CALENDAR AND THE PROGRAM? WHICH APPLICATIONS / SYSTEM DO YOU USE?

Or you may receive even more specific questions, such as: What's on your calendar? Do you plan blocks of time to do certain types of work? Do you have an open calendar that everyone can see?...

7. HOW DO YOU ORGANIZE FILES, LINKS, AND TABS ON YOUR COMPUTER?

Just like your schedule, how you track files and other information is very important. After all, everything is digital!...

8. HOW TO PRIORITIZE WORK?

The day I watched Marie Forleo's film separating the important from the urgent, my life changed. Not all remote jobs start fast, but most of them are...

9. HOW DO YOU PREPARE FOR A MEETING AND PREPARE A MEETING? WHAT DO YOU SEE HAPPENING DURING THE MEETING?

Just as communication is essential when working remotely, so is organization. Because you won't have those opportunities in the elevator or a casual conversation in the lunchroom, you should take advantage of the little time you have in a video or phone conference...

10. HOW DO YOU USE TECHNOLOGY ON A DAILY BASIS, IN YOUR WORK AND FOR YOUR PLEASURE?

This is a great question because it shows your comfort level with technology, which is very important for a remote worker because you will be working with technology over time...

DISCLAIMER