Security Subject Matter Expert (SME)
About The Position
The Security Subject Matter Expert (SME) is the program’s security lead for a large, hybrid enterprise (on-prem data centers and multi-cloud). You will architect, implement, and operate a Zero Trust, RMF-aligned security solutions that keep systems reliable, data protected, and the program audit-ready at all times. You will own the end-to-end security operating model, identity and access (including PIV/FIDO and PAM), vulnerability and patch orchestration, logging and SIEM/SOAR, supply-chain integrity (SBOM/provenance), backup/DR resilience, and continuous monitoring. HOW THE SECURITY SME WILL MAKE AN IMPACT: You will convert compliance into a running capability rather than a paperwork cycle. By embedding controls in automation, policy-as-code in pipelines, signed artifacts with attestations, identity-centric access, and immutable backups, you will raise assurance while reducing toil and mean time to recover. You’ll drive continuous compliance with authoritative evidence from VA systems (ITSM/CMDB, SIEM/EDR, vulnerability tools), cut vulnerability aging against CISA KEV targets, and raise control pass rates without slowing delivery. During incidents, you will lead joint “swarm” response, contain issues quickly, and turn lessons into baseline changes, POA&Ms, and updated playbooks. For executives and non-technical stakeholders, you’ll translate risk into clear narratives - what happened, what changed, how we’re safer, and publish trend lines that connect security investments to fewer outages, cleaner audits, and lower total cost of ownership.
Requirements
- 10+ years in enterprise cybersecurity engineering/operations with direct ownership of hybrid (data center + AWS/Azure) environments
- 3+ years in regulated or federal programs (VA/DoD/DHS/HHS or equivalent)
- Demonstrated delivery of Zero Trust architectures (per NIST SP 800-207/TIC 3.0), RMF/ATO sustainment (SP 800-53 Rev 5/53B baselines), and continuous monitoring at scale
- Hands-on leadership standing up SIEM/SOAR, EDR, vulnerability management, identity platforms (SSO/PIV/FIDO, PAM/JIT), and audited disaster recovery programs (SP 800-184)
- Proven record improving outcomes: higher control pass, reduced critical vuln aging, faster MTTR, successful external assessments, and repeatable ATO renewals
- Experience operating within multi-vendor/SIAM models with cross-vendor OLAs and shared KPIs
- Bachelor's Degree. In lieu of a degree, an additional four years of related experience required
- Clear Communicator: Converts complex risk and telemetry into executive-ready, plain-language updates; writes crisp playbooks, runbooks, and policy one-pagers
- Outcome-Driven: Ties security work to measurable results, control pass rate, vuln aging, incident frequency/MTTR, DR test pass, and audit findings, published on a shared scorecard
- Builder’s Mindset: Designs controls that are easy to use and hard to bypass; prefers automation over manual checks; balances guardrails with delivery speed
- Facilitation & Influence: Leads cross-domain incident “swarming,” champions secure patterns with engineers, and negotiates trade-offs that protect both security and uptime
- Governance & Rigor: Runs change risk reviews, manages POA&Ms to closure, and keeps the ATO pipeline predictable with OSCAL-based evidence and scheduled assessments
- Mission Focus: Aligns security investments with VA outcomes including fewer disruptions for clinicians and staff, stronger protection of Veteran data, and demonstrable stewardship of taxpayer funds
Nice To Haves
- CISSP
- CCSP
- CISM
- CASP+
- GIAC (GCIH/GCIA/GMON/GCSA/GPCS/GCED)
- CEH
- AWS/Azure security specialty
- CAP or equivalent RMF credential
Responsibilities
- Architect, implement, and operate a Zero Trust, RMF-aligned security solutions
- Own the end-to-end security operating model
- Lead joint “swarm” response during incidents
- Translate risk into clear narratives for executives and non-technical stakeholders
Benefits
- Full-flex work week to own your priorities at work and at home
- 401K with company match
- Comprehensive health and wellness packages
- Internal mobility team dedicated to helping you build your skills and own your career
- Professional growth opportunities including paid education and certifications
- Cutting-edge technology you can learn from
- Rest and recharge with paid vacation and 10 company-paid holidays
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
What This Job Offers
Job Type
Full-time
Career Level
Mid Level
