ZERO TRUST (ZT) PROCESS RE-ENGINEER SME

About The Position

Requirements

• A minimum of 10 years as a Policy Analyst, Process Re-Engineer, or Senior Policy Writer for an enterprise IT or cybersecurity program with demonstrated Zero Trust scope.
• Expert knowledge of NIST SP 800-207, NIST SP 800-53 Rev. 5, FISMA, and federal ZT mandates including EO 14028, OMB M-22-09, and OMB M-21-31.
• Demonstrated ability to lead process re-engineering efforts directly supporting ZT implementation.
• Experience developing or maturing enterprise ZT artifacts including Common Control Catalogs, ZT roadmaps, and implementation plans.
• Demonstrated operational experience developing and implementing Zero Trust solutions in a federal agency or large enterprise environment.
• Proven experience translating ZT mandates into actionable agency-level policy frameworks, process change initiatives, and implementation roadmaps.
• Experience supporting or leading ZT-related IG FISMA metrics reporting or FISMA ZT compliance submissions.
• Superb written and oral communication skills; demonstrated ability to navigate highly political client environments with professionalism and tact.
• Demonstrated familiarity with AI-assisted analysis tools or prompt engineering; ability to apply AI capabilities ethically to accelerate advisory work.
• Minimum of a Bachelor of Science (or higher) in Information Technology, Computer Science, Cybersecurity, or a related field.
• Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP), or Certified Authorization Professional (CAP / CGRC), or equivalent certification.
• Active Secret clearance is required.

Nice To Haves

• Five years of IT cybersecurity experience, including direct support to the U.S. Government. This experience can be concurrent with the minimum 10 years of Policy Analyst, Process Re-Engineer, or Senior Policy Writer experience.
• Prior direct involvement in a federal ZT pilot program or enterprise ZT deployment in a planning, advisory, or execution leadership capacity.
• Experience developing or significantly maturing a ZT Common Control Catalog aligned to NIST SP 800-53 and CISA ZTMM v2.0.
• Familiarity with SAFe for Government (SGP) or equivalent agile delivery methodology in a federal program environment.
• Experience with IG FISMA audit preparation and response in the context of federal ZT or FISMA compliance programs.
• Certified Chief Information Security Officer (CCISO), Project Management Professional (PMP), or Six Sigma Green Belt.

Responsibilities

• Provide senior advisory guidance on the re-engineering of the agency's enterprise IT and cybersecurity processes to align with Zero Trust principles across all five CISA ZTMM v2.0 pillars: Identity, Devices, Networks, Applications & Workloads, and Data.
• Continuously monitor the federal ZT policy and regulatory landscape, including EOs, OMB memoranda, NIST publications, and DHS/CISA directives, and deliver real-time risk identification and actionable advisory recommendations before compliance deadlines arise.
• Conduct comprehensive gap analyses of existing agency policy documentation against ZT mandates; develop remediation roadmaps and present recommended courses of action for agency concurrence.
• Provide advisory support for the development and continuous maturation of the agency's ZT Common Control Catalog (CCC), ensuring recommended approaches align with RMF phases and ZT implementation lifecycle milestones.
• Develop recommended updates to the ZT Roadmap and Implementation Plan, incorporating process re-engineering findings and stakeholder input for agency review and approval.
• Apply real-time analysis of process performance data and ZT maturity indicators to proactively surface emerging risk areas and deliver timely recommendations, moving beyond periodic reporting to support continuous risk mitigation.
• Collaborate with cross-functional stakeholders to validate process outcomes and provide recommended courses of action for continuous improvement.
• Support all internal and external ZT data calls, requests, audits, and compliance updates; ensure recommended responses are developed and provided for agency review.
• Develop recommended new and revised cybersecurity policy documents and SOPs; all final documentation is subject to agency review and approval.
• Provide senior advisory support to ZT leadership on planning, scheduling, solution development, reporting, performance metrics, and program governance.
• Leverage AI-assisted analysis tools, automation platforms, and prompt engineering techniques to enhance advisory productivity, accelerate gap analysis and documentation tasks, and enable focus on higher-value technical advisory work; apply all AI capabilities in accordance with agency acceptable use policies and Zermount's ethical AI use guidelines.