Cybersecurity Assessment & Authorization Subject Matter Expert-SME

Nationwide IT ServicesFairfax, VA
$100,000 - $135,000Onsite

About The Position

Nationwide IT Services (NIS) is seeking a Cybersecurity Subject Matter Expert (SME) for a potential opportunity supporting the Assessment and Authorization (A&A) of information systems and the implementation of associated cybersecurity policies and procedures. The ideal candidate will have a strong understanding of NIST SP 800-53 security controls and their application to the assessment and authorization of complex enterprise IT environments, including large and small enclaves, cloud-hosted services, operational technology (OT), AIS applications, and outsourced IT services within organizations such as the Defense Logistics Agency (DLA).

Requirements

  • Seven (7) years of relevant Risk Management Framework (RMF) and NIST A&A experience.
  • DOW cybersecurity experience
  • Experience in assessing security controls and conducting authorization reviews for large, complex organizations.
  • Strong research, analytical, and problem-solving skills
  • Strong understanding of DoD cybersecurity requirements, including documenting and developing artifacts for STIGs, TCG configuration guides, IAVMs, and Task Orders
  • Exceptional ability to develop, maintain, and validate RMF artifacts and cybersecurity Documentation
  • Proficiency with analytical tools such as Microsoft Excel, Access, Power BI, and Power Platforms
  • Experience producing detailed analytics and trend reports using data from vulnerability scanners, configuration tools, and security platforms to support decision-making and inspection readiness
  • Excellent written and verbal communication skills, including the ability to brief leadership and produce clear documentation
  • Experienced in the general tenets supporting the overall DOD implementation of its authorization process, to include supporting cybersecurity policy, procedures, and processes.
  • Knowledgeable in the cybersecurity of emerging technology areas such as Cloud, information technology (IT), Industrial Control Systems (ICSs), or Operational Technology (OT) infrastructures.
  • Required to possess a DOD SECRET Clearance and be eligible for an IT-II Non-Critical Sensitive Security clearance or Tier 3 (T3) upon assignment.
  • DOD 8570 - IAM 3 (CISSP, CISM, GSLC, CCISO) Certification Requirement

Nice To Haves

  • Proven ability to work independently and collaboratively with minimal oversight

Responsibilities

  • Executes DoW/DLA cybersecurity processes to authorize information systems, maintain authorization of information systems, and serve as a Subject Matter Expert (SME) for systems undergoing the authorization process.
  • Update and track POA&M entries by documenting findings, logging remediation actions, and keeping milestone dates current to ensure issues move toward closure.
  • Ability to generate clear, accurate, and audit-ready cybersecurity reports, including vulnerability summaries, compliance status updates, and risk findings for technical and leadership audiences.
  • Performs a DOD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization.
  • Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control) and determines the possible ramifications on the system’s current or future authorization.
  • Brief senior management on the progress or results of an information system undergoing the Risk Management Framework (RMF) process.

Benefits

  • medical, dental, and vision insurance
  • life and disability insurance
  • a 401(k) plan with employer match
  • paid holidays
  • PTO (sick/vacation)
  • commuter benefits
  • an employee assistance program (EAP)
  • educational reimbursement
  • Pet Insurance
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service