Cybersecurity Lead

About The Position

Requirements

• Must hold an active Top Secret clearance (SCI eligibility preferred).
• Bachelor’s degree in Cybersecurity, Computer Science, or a related technical discipline.
• Minimum 7 years of experience in DoD cybersecurity, compliance, or RMF program management.
• Hands-on experience managing A&A activities within eMASS and implementing RMF controls in IL4/IL5 cloud environments.
• Proven ability to lead cross-functional cybersecurity programs and automation initiatives.
• Strong understanding of DoDI 8510.01 (RMF), DISA STIG/SRGs, and DoD Cloud Computing SRG.
• Familiarity with Zero Trust architecture and continuous monitoring implementation.
• Proficiency in AWS GovCloud, container security (Kubernetes, Docker), and CI/CD security integration.
• Knowledge of FedRAMP, NIST SP 800-171/53, and CMMC frameworks.
• Experience with vulnerability scanning, log management, and compliance validation tools.
• Required: CompTIA Security+ CE (DoD 8570 IAT II baseline).
• Excellent leadership and coordination skills across technical and compliance teams.
• Strong analytical, documentation, and communication capabilities.
• Proven ability to assess risk, prioritize mitigations, and drive secure operational outcomes.
• Commitment to continuous improvement, automation, and mission assurance.

Nice To Haves

• Preferred: CISSP, CISM, or CEH.
• Preferred: AWS Certified Security – Specialty or equivalent.

Responsibilities

• Lead the design and implementation of the program’s cybersecurity framework across multiple IL environments (IL2–IL5).
• Perform RMF lifecycle management, including control identification, tailoring, inheritance, and mapping to DoDI 8510.01.
• Develop and maintain continuous RMF evidence generation through automated compliance and monitoring pipelines using eMASS, Tenable ACAS, AWS Inspector, or similar tools.
• Design and implement data protection and encryption strategies aligned with DoD cloud security and NIST standards.
• Manage cybersecurity architecture documentation including network diagrams, system boundaries, and data flow mappings.
• Oversee vulnerability management, penetration testing, and remediation tracking through POA&M management.
• Ensure alignment with DISA STIGs, SRGs, and PPSM compliance requirements; perform periodic audits and assessments.
• Coordinate with security assessors and system engineers to maintain accreditation and Authorization to Operate (ATO) compliance.
• Lead continuous cyber risk assessments and control mapping to ensure evolving compliance with DoD and program directives.
• Manage the DevSecOps Plan and ensure continuous security integration into all development and deployment pipelines.
• Support implementation of Zero Trust architecture through identity management, segmentation, and telemetry.
• Oversee the generation and maintenance of security documentation, including SSPs, SARs, IRPs, and contingency plans.
• Lead incident response and remediation coordination, ensuring timely logging, root cause analysis, and reporting.
• Mentor cybersecurity staff and communicate compliance posture, risk levels, and readiness metrics to leadership.