Cybersecurity Assessment and Authorization SME

About The Position

Requirements

• Top Secret - IT-I Critical security clearance, Tier 5 investigation.
• Active CSSP Analyst Certification
• Five (5) years of relevant experience supporting Risk Management Framework (RMF) and NIST Assessment and Authorization (A&A) processes.
• Experience supporting DoD cybersecurity programs and authorization processes.
• Experience assessing security controls and conducting authorization reviews for large, complex enterprise environments.
• Strong understanding of DoD cybersecurity policies, procedures, and authorization requirements.
• Knowledge of cybersecurity considerations for Cloud technologies, Industrial Control Systems (ICS), warehouse execution systems, and Operational Technology (OT) environments.

Responsibilities

• Serve as a Cybersecurity Subject Matter Expert (SME) for Assessment and Authorization (A&A) activities supporting Department of Defense (DoD) information systems.
• Support the implementation and execution of the Risk Management Framework (RMF) for the authorization of information systems.
• Conduct security control assessments and evaluate compliance with NIST SP 800-53 security controls and DoD cybersecurity requirements.
• Provide technical guidance and subject matter expertise for systems undergoing the authorization process.
• Analyze vulnerabilities and determine applicable severity values for identified security control deficiencies.
• Assess the potential impact of vulnerabilities on a system’s current or future authorization status.
• Support authorization package development and review to ensure completeness, accuracy, and compliance with DoD cybersecurity policies.
• Evaluate cybersecurity posture across complex IT infrastructures consisting of multiple enclaves, AIS applications, and outsourced IT processes.
• Provide cybersecurity expertise related to emerging technologies including Cloud environments, Industrial Control Systems (ICS), warehouse execution systems, and Operational Technology (OT) infrastructures.
• Brief senior management and stakeholders on RMF progress, risk posture, and authorization status of information systems.
• Collaborate with system owners, cybersecurity teams, and government representatives to ensure successful completion of A&A activities.
• Ensure cybersecurity documentation, procedures, and processes align with DoD policies and enterprise security standards.

Benefits

• health
• dental
• vision
• 401K
• life insurance
• short-term and long-term disability plans
• vacation time
• holidays