Cyber Security SME/Program Manager

About The Position

Requirements

• Minimum of ten (10) years of experience in IT Project Management within both Waterfall and Agile environments.
• Minimum of ten (10) years of experience performing systems security assessments, preparing system security documentation, and/or executing security upgrades for live enterprise environments resulting in successful certification and accreditation or authorization.
• Minimum of ten (10) years of experience assessing and enhancing IT security policies and procedures in response to Federal and international regulatory requirements.
• Minimum of ten (10) years of IT Security experience with extensive knowledge of security regulations and assessments, including development of multiple A&A and ATO packages for a range of systems, including classified systems.
• Strong working knowledge of NIST Special Publications, including NIST SP 800-53 and NIST SP 800-37.
• Bachelor’s degree required.
• Minimum of two (2) of the following certifications: ISACA – Certified Information Systems Auditor (CISA) ISACA – Certified in Risk and Information Systems Control (CRISC) ISACA – Certified Information Security Manager (CISM) ISACA – Certified in Governance of Enterprise IT (CGEIT) (ISC)² – Certified Information Systems Security Professional (CISSP) (ISC)² – Certified Authorization Professional (CAP)
• Active TOP SECRET security clearance required.
• U.S. Citizenship is required.

Nice To Haves

• Experience utilizing JCAM systems in support of Security Authorization activities.
• Experience supporting classified environments at the TOP SECRET level.
• Demonstrated leadership experience serving as a senior cybersecurity SME on Federal contracts.

Responsibilities

• Lead and manage end-to-end ATO efforts for classified and unclassified systems in accordance with the Risk Management Framework (RMF).
• Conduct system security assessments and oversee the preparation of security documentation required for certification, accreditation, and authorization.
• Develop, review, and enhance system security plans (SSPs), POA&Ms, security control assessments, and supporting artifacts.
• Assess and enhance IT security policies and procedures to ensure compliance with Federal and international regulatory standards.
• Perform security upgrades and remediation activities for live networks, desktop systems, servers, and enterprise databases.
• Provide expert guidance on NIST Special Publications, including NIST SP 800-53 security control selection and implementation.
• Support NIST SP 800-37 Security Authorization processes using JCAM systems (preferred).
• Lead cybersecurity efforts across both Waterfall and Agile project environments.
• Serve as the primary cybersecurity advisor to stakeholders, government customers, and technical teams.
• Ensure compliance with all applicable security regulations for systems operating at the TOP SECRET level.