Cybersecurity Engineer / Cybersecurity Subject Matter Expert (SME) – Army Tactical System

CACI InternationalFort Belvoir, VA
$103,800 - $218,100Onsite

About The Position

The Cybersecurity Engineer / SME will support cybersecurity activities for an Army tactical system, with emphasis on Risk Management Framework (RMF), Army cybersecurity compliance, vulnerability management, DISA STIG reviews, cyber scan analysis, and authorization support. This position requires a hands-on cybersecurity professional with strong Army and DoD RMF experience and technical expertise reviewing DIDA STIGs, cybersecurity scans, vulnerability assessments, and authorization artifacts. The ideal candidate will be capable of independently analyzing technical findings, maintaining compliance evidence, supporting eMASS activities, coordinating with stakeholders, and adapting to evolving Army and DoD cybersecurity requirements.

Requirements

  • Active Secret Clearance required to start
  • Security+ CE or higher DoD 8140/8570 compliant certification.
  • Strong experience with RMF activities for Army or DoD systems and supporting tactical systems through IATT, ATO, and Continuous Monitoring activities.
  • Solid knowledge of AR 25-2, DoD RMF, NIST 800-53 security controls, and Army cybersecurity requirements.
  • Hands-on experience reviewing DISA STIGs, STIG Viewer checklists, CKL files, and cybersecurity compliance evidence.
  • Identify compliance gaps and remediation priorities.
  • Experience developing and maintaining POA&Ms, remediation plans, risk assessments, mitigation plans, and RMF authorization artifacts.
  • Ability to work independently with minimal supervision and effectively coordinate with Government personnel, assessors, engineers, software developers, cloud teams, and vendors.

Responsibilities

  • Lead and support Army RMF activities for system authorization, cybersecurity compliance and continuous monitoring efforts.
  • Review, analyze, and maintain DISA STIG compliance artifacts, including STIG Viewer checklists (.CKL files), supporting evidence, and remediation status.
  • Execute, review, and interpret cybersecurity scans, including SCAP Compliance Checker, ACAS, vulnerability scans, and related assessment results.
  • Correlate DISA STIG findings, scan results, vulnerability data, and security assessment findings to identify compliance gaps, assess risk, and establish remediation priorities.
  • Develop, review, and maintain cybersecurity documentation, including System Security Plans (SSP), Cybersecurity Strategies, POA&Ms, risk assessments, mitigation plans, and RMF authorization artifacts.
  • Maintain cybersecurity records and authorization package data within eMASS in support of IATT, ATO, Assess Only and Continuous Monitoring requirements.
  • Coordinate with Government stakeholders, Authorizing Officials (AO), Security Control Assessors (SCA), system engineers, software developers, cloud teams, vendors, and assessors to resolve cybersecurity findings and drive remediation efforts to closure.
  • Review Vendor’s cybersecurity deliverables for technical adequacy, compliance, and alignment with Army and DoD cybersecurity requirements.
  • Support cybersecurity test events, vulnerability assessments, penetration testing, security reviews, and authorization readiness activities.
  • Evaluate cybersecurity risks and provide recommendations to program leadership regarding compliance posture, remediation status, risk acceptance, and authorization impacts.
  • Support implementation of new Army and DoD cybersecurity policies, guidance, and requirements and assess impacts to the program.
  • Serve as a cybersecurity advisor to program leadership and technical teams on RMF, vulnerability management, compliance, and risk management activities.

Benefits

  • flexible time off
  • robust learning resources
  • comprehensive benefits such as; healthcare, wellness, financial, retirement, family support, continuing education, and time off benefits.
© 2026 Teal Labs, Inc
Privacy PolicyTerms of Service