Cybersecurity Lead

Job Title: Cybersecurity Subject Matter Expert (SME) – Lead (Key Personnel)

Location: Fort Belvoir, VA OR Richmond, VA OR Battle Creek, MI OR Columbus, OH OR Dayton, OH OR New Cumberland, PA OR Odgen, UT OR Philadelphia, PA

Summary: Seeking a highly experienced Cybersecurity SME – Lead to provide technical leadership, analysis, and support for complex DoD cybersecurity initiatives. This role serves as a key expert within the Cybersecurity Assessment Program, driving RMF implementation, cybersecurity compliance, and inspection readiness. The ideal candidate will lead the development of cybersecurity artifacts, provide strategic direction, and deliver innovative solutions across enterprise-level environments while ensuring adherence to DoD standards and evolving security frameworks.

Responsibilities:

• Serve as technical lead and SME for cybersecurity assessments, RMF, and DoD compliance initiatives


• Provide guidance, oversight, and mentorship to cybersecurity teams ensuring high-quality, audit-ready deliverables


• Develop, review, and maintain RMF artifacts including SSP, CONOPS, Incident Response Plan, Contingency Plan, and Configuration Management Plan


• Lead preparation for DoD cybersecurity inspections (CCRI, CORA, Blue Team assessments)


• Conduct security control assessments and authorization reviews for complex enterprise systems


• Manage POA&M lifecycle including tracking, remediation, and closure of vulnerabilities


• Interpret DoD cybersecurity policies, STIGs, SRGs, IAVMs, and develop compliant documentation


• Recommend and evaluate cybersecurity tools; support development of STIGs and tool requirements


• Generate reports, analytics, and dashboards on vulnerabilities, compliance, and risk posture


• Collaborate with ISSM/ISSO and stakeholders to ensure system security and compliance


• Support cybersecurity strategy, policy development, and emerging technology security (Cloud, ICS/OT)

Requirements:

• 10+ years of IT experience


• 10+ years of DoD cybersecurity experience


• 10+ years of RMF and NIST A&A experience


• Strong expertise in DoD cybersecurity frameworks, compliance, and documentation (STIGs, SRGs, IAVMs)


• Proven experience supporting DoD inspections (CCRI, CORA, Blue Team)


• Hands-on experience with security control assessments and authorization processes


• Experience managing POA&M lifecycle and cybersecurity artifacts


• Proficiency with tools such as Microsoft Excel, Access, Power BI, and Power Platform


• Strong analytical, problem-solving, and research skills


• Excellent written and verbal communication skills


• Experience with cloud, IT, ICS/OT cybersecurity environments


• Active DoD Secret Clearance (IT-II Non-Critical Sensitive / Tier 3 required at submission)

Certification Requirements:

• DoD 8570 IAT Level III (future DoD 8140 compliance)


• ICS300 or relevant OT/ICS cybersecurity certification


• ACAS and Tanium experience required


• DLA approved Computing Environment (CE) certification

Preferred Qualifications:

• Experience in large-scale federal or defense environments


• Advanced expertise in cybersecurity evaluations and enterprise risk management


• Experience with emerging technologies and modern security architectures


• Strong leadership experience with cross-functional teams


• Ability to work independently and drive initiatives with minimal oversight