Cybersecurity Assessment & Authorization Subject Matter Expert-SME
Nationwide IT Services
·3 days ago
- Salary
- $100k – $135k
- Location
- Fairfax, VA
- Workplace
- Remote
- Type
- Full-time
- Department
- IT
- Education
- Master
- Clearance
- Required
- Closing date
- Today
- Source
- ApplyToJob
Description
CYBERSECURITY ASSESSMENT AND AUTHORIZATION SUBJECT MATTER EXPERT (SME)
Location: The primary place of performance will be at the government site and/or Off-Site.Security Clearance Requirement: Secret
Security Investigation Requirement: Required to possess a Moderate Risk, Non-Critical Sensitive, Tier 3 (T3)/NACLC/ANACI upon assignment.
Certification Requirement: DOD 8570 - IAM 3 (CISSP, CISM, GSLC, CCISO)
Position Summary
Nationwide IT Services (NIS) is seeking a Cybersecurity Subject Matter Expert (SME) for a potential opportunity supporting the Assessment and Authorization (A&A) of information systems and the implementation of associated cybersecurity policies and procedures.
The ideal candidate will have a strong understanding of NIST SP 800-53 security controls and their application to the assessment and authorization of complex enterprise IT environments, including large and small enclaves, cloud-hosted services, operational technology (OT), AIS applications, and outsourced IT services within organizations such as the Defense Logistics Agency (DLA).
Key Responsibilities
- Executes DoW/DLA cybersecurity processes to authorize information systems, maintain authorization of information systems, and serve as a Subject Matter Expert (SME) for systems undergoing the authorization process.
- Update and track POA&M entries by documenting findings, logging remediation actions, and keeping milestone dates current to ensure issues move toward closure.
- Proven ability to work independently and collaboratively with minimal oversight
- Ability to generate clear, accurate, and audit-ready cybersecurity reports, including vulnerability summaries, compliance status updates, and risk findings for technical and leadership audiences
- Performs a DOD cybersecurity process while either authorizing an information system or serving as a SME for an information system undergoing authorization.
- Determines the applicable severity value for an identified vulnerability (e.g., non-compliant security control) and determines the possible ramifications on the system’s current or future authorization.
- Brief senior management on the progress or results of an information system undergoing the Risk Management Framework (RMF) process.
Required Qualifications
- Seven (7) years of relevant Risk Management Framework (RMF) and NIST A&A experience.
- DOW cybersecurity experience
- Experience in assessing security controls and conducting authorization reviews for large, complex organizations.
- Strong research, analytical, and problem-solving skills
- Strong understanding of DoD cybersecurity requirements, including documenting and developing artifacts for STIGs, TCG configuration guides, IAVMs, and Task Orders
- Exceptional ability to develop, maintain, and validate RMF artifacts and cybersecurity Documentation
- Proficiency with analytical tools such as Microsoft Excel, Access, Power BI, and Power Platforms
- Experience producing detailed analytics and trend reports using data from vulnerability scanners, configuration tools, and security platforms to support decision-making and inspection readiness
- Excellent written and verbal communication skills, including the ability to brief leadership and produce clear documentation
- Experienced in the general tenets supporting the overall DOD implementation of its authorization process, to include supporting cybersecurity policy, procedures, and processes.
- Knowledgeable in the cybersecurity of emerging technology areas such as Cloud, information technology (IT), Industrial Control Systems (ICSs), or Operational Technology (OT) infrastructures.
- Required to possess a DOD SECRET Clearance and be eligible for an IT-II Non-Critical Sensitive Security clearance or Tier 3 (T3) upon assignment.
Why Join Nationwide IT Services?
Nationwide IT Services is a trusted government contractor supporting Department of Defense customers. Join us to work on high-impact cybersecurity missions with experienced professionals in a collaborative, growth-focused environment.Our benefits package includes medical, dental, and vision insurance; life and disability insurance; a 401(k) plan with employer match; paid holidays; PTO (sick/vacation); commuter benefits; an employee assistance program (EAP); educational reimbursement; and Pet Insurance.
Salary range $100,000 to $135,000 annually
The salary range is a general guideline. We consider several factors when determining base salary offers, including the position's scope and responsibilities, the candidate's experience, education, and skills, and current market conditions.