Cybersecurity Automation Subject Matter Expert (SME) (TS/SCI)
About The Position
Koniag IT Systems, a Koniag Government Services company, is seeking a Cybersecurity Automation Subject Matter Expert (SME) with an active TS/SCI to support KITS and our government customer at the Mark Center, Alexandria, VA. This is a hybrid opportunity that requires 1-4 days of onsite work. We offer competitive compensation and an extraordinary benefits package including health, dental, and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more. We are seeking a Cybersecurity Automation Subject Matter Expert (SME) with deep experience in the Department of Defense (DoD) Risk Management Framework (RMF) process to modernize and streamline cybersecurity compliance. The Cybersecurity Automation SME will engineer and implement automated solutions that accelerate Assessment & Authorization (A&A), strengthen control validation, and improve evidence management. This role requires a blend of technical automation expertise, cybersecurity compliance knowledge, and experience with the DoD RMF.
Requirements
- TS/SCI security clearance required.
- Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or related field.
- 15+ years of experience in DoD cybersecurity compliance, assessment, or risk management.
- Hands-on expertise with RMF processes, NIST SP 800-53 Rev. 5 controls, and DoD RMF [DoDI 8510.01].
- Experience developing automation solutions using Python, PowerShell, Ansible, or similar scripting/orchestration tools.
- Familiarity with continuous monitoring and automated compliance reporting.
- DoD 8570.01-M certification (e.g., CISSP, CAP, Security+ CE).
- Ability to work on-site 1-4 days a week.
Nice To Haves
- Experience with Governance, Risk, and Compliance (GRC tools) (e.g., eMASS, Archer, Xacta) and their automation/integration.
- Knowledge of OSCAL and machine-readable RMF artifacts.
- Experience with DevSecOps pipelines, CI/CD, and Infrastructure as Code (IaC).
- Background in vulnerability management, STIG compliance, or automated security testing.
Responsibilities
- Provide subject matter expertise in the development and deployment of automated RMF security control assessment, informing authorization, and continuous monitoring processes.
- Develop, integrate, and maintain automated workflows for evidence collection, control validation, and reporting.
- Leverage scripting, orchestration, and DevSecOps pipelines to embed compliance and security checks.
- Collaborate with cybersecurity engineers, assessors, system owners, and other stakeholders to align automation solutions with mission needs.
- Integrate automated testing tools (e.g., vulnerability scanners, configuration management tools) into RMF packages.
- Provide subject matter expertise on leveraging OSCAL (Open Security Controls Assessment Language) and other machine-readable compliance frameworks.
- Deliver training, documentation, and guidance to program teams on automated RMF practices.
- Stay current and provide feedback and recommendations on DoD cybersecurity policies, NIST updates, and emerging compliance automation technologies.
Benefits
- health, dental, and vision insurance
- 401K with company matching
- flexible spending accounts
- paid holidays
- three weeks paid time off
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
Number of Employees
1,001-5,000 employees
