Cybersecurity SME Lead Secret or Top Secret

About The Position

Requirements

• 10 years of IT experience
• 10 years of DoD Cybersecurity experience
• 10 years of Risk Management Framework (RMF) and NIST A&A experience
• Demonstrated expertise leading and mentoring cybersecurity teams with direct quality oversight
• Proven hands-on experience preparing enterprise environments for CCRI, CORA, and Blue Team assessments
• SME-level ability to assess security controls and conduct authorization reviews for large, complex organizations
• Expert knowledge of DoD cybersecurity requirements: STIGs, TCG configuration guides, IAVMs, Task Orders
• Oversees end-to-end POA&M lifecycle management including documentation, tracking, and remediation closure
• Ability to interpret new and evolving DoD cybersecurity documentation and produce high-quality artifacts even when guidance is ambiguous
• Skilled in producing authoritative system documents: SSP, CONOPS, Incident Response Plan, Contingency Plan, Configuration Management Plan
• Expert-level scripting and automation: PowerShell, Python - reviews and validates engineers' scripts
• Leads risk assessments and provides risk-based recommendations to leadership for prioritizing mitigation
• Creates dashboards, analytics, and trend reports using Power BI, Power Platform, and enterprise data sources
• Knowledgeable in emerging technology areas: Cloud, ICS, OT infrastructures
• Active Secret (with IT-II Non-Critical Sensitive (Tier 3 / T3) eligibility) or Top-Secret accepted
• CISSP, or CASP+, or CISA
• Active certifications/training in ACAS (Assured Compliance Assessment Solution) and Tanium Platform
• ICS-300 or equivalent OT/ICS cybersecurity certification (e.g., GICSP, ISA/IEC 62443)

Responsibilities

• Provide technical leadership and day-to-day direction to Cybersecurity Engineers
• Develop and execute the organization's vulnerability management strategy, ensuring alignment with DoD requirements
• Oversee team scanning, reporting, and remediation workflows to maintain continuous compliance and inspection readiness
• Lead preparation and response for CCRI, CORA, Blue Team, and other DoD cybersecurity inspections
• Manage end-to-end POA&M lifecycle: documentation, status tracking, remediation closure
• Serve as primary cybersecurity liaison to DLA leadership, mission owners, and external assessment teams
• Establish governance processes for patch management, configuration compliance, and change control
• Provide senior-level expertise on network security architecture, segmentation, and zero-trust principles
• Produce executive-level briefings and actionable recommendations from complex technical findings
• Ensure consistent, high-quality reporting on vulnerabilities, compliance status, and risk posture

Benefits

• Support to achieve professional certifications and degrees
• Leadership that is accessible to all employees
• Regular company updates
• Client networking social engagements
• Monthly team-building activities (past examples: Top Golf)
• Supporting our community - including veterans