Senior Cybersecurity SIGINT SME (5339) (TS/SCI CI Poly) (Ft. Belvoir, VA )

SMX is seeking a Cybersecurity SME Senior SIGINT to support GISA at Fort Belvoir, VA. The successful candidate will have experience working as an ISSO on large Department of Defense contracts and leading a team of other cyber security professionals in support of project and client goals and objectives.

This is a full-time onsite position in Ft. Belvoir, VA.

Essential Duties & Responsibilities

• Continuous Monitoring Activities within 120-100 days of ATD:
  
  
  
  • Self-Test Security Controls are completed and updated annually.
  
  
  • Diagrams updated.
  
  
  • Hardware/Software Lists
  
  
  • Scans in artifacts or in CyborgBunny system are updated.
  
  
  • Ensure POA&M Elements for Security Controls in XACTA are updated, completed by ISSO, or closed by DAO.
  
  
  • RMF documents updated within 12-18 months (Incident Response, Contingency Plan, Configuration Plan, Disaster Recovery Plan, Privileged User Guide, General User Guide)
  
  
  • Monitor and review Auditing (UAM) activities using SEAR
  
  
  • Review and approve IAVA POA&Ms (only for SSPs without O-ISSM) through Biscotti
  
  
  • CONOPS (updated annually).
  
  
  • Mandatory System Owner training and iAgree form signed (annually) using CUE
  
  
  • ISSM and ISSO orders in BoE.
  
  
  • Review Security Relevant Changes are updated.
  
  
  • System Security Plan (SSP) updated annually and complete.
  
  
  • Work with ISSO to update any discrepancies and complete Readiness Report in IGGY Then complete ISSM Readiness Report in IGGY system when ready to move forward.
  
  
  • Send email to System Owner, ISSO and DAO that system is ready to move to DAO for review.
  
  
  
  


• Review, approve or disapprove IAVA POA&M in Biscotti system for SSPs without O-ISSMs assigned on monthly basis.


• Review, monitor and approve (systems without O-ISSM) CIVET and Staffing Processing Forms (SPF) tickets (these are tickets to be submitted for waivers on compliance for the system) through DOCHound system and reach out to ISSO when CIVET tickets expired, and no response has been made.


• Review alerts in LATTEART system – reach out to ISSOs to clear alerts and ensure system health score is within NSA requirements.


• Review and approve DTA ticket requests through help desk CHD


• Review and approve decommission requests of systems out of XACTA


• Review and update DAO on extension requests for expiring system for DAO decisions.


• Ensure Computer Security Incident Reports (CSIRs) through FREEZFRAME or emails are handled within 3 business days.  Follow up on weekly basis and escalate cases without responses after 30 days.


• Work and monitor to ensure System Owners and ISSOs to address and update any expired POA&Ms.  POA&M extension requests need DAO approval.


• Attend meetings, complete ad hoc tasks, and answer emails on questions from ISSMs and ISSOs.


• Assist ISSOs with policy and procedures especially with questions on changes.


• Review DARKROAST or ROCBLASTER for any new registered systems (weekly) or I review XACTA messages of new system added to XACTA.


• Review Satellite system for tracking SSPs and what queue is the SSPs are in. 

Required Skills, Experience & Education

• PhD in an area of Science, Technology, Engineering or Mathematics with at least 15 years’ experience as a cybersecurity professional OR a Master's degree in an area of Science, Technology, Engineering or Mathematics with at least 18 years’ experience as a cybersecurity professional OR a Bachelor’s degree in an area of Science, Technology, Engineering or Mathematics with at least 20 years’ experience as a cybersecurity professional


• Required Clearance: TS/SCI with CI Poly and NATO read-on prior to starting work


• 5 years of experience performing duties as an ISSM for SIGINT applications and systems.


• Ability to obtain and maintain all required NSA access.


• Meet the DoD requirements for a privileged user on a TS/SCI information system prior to starting work - DoD 8140 / 8570.01-m requirements


• 15 years’ experience with the assessment and accreditation activities of national security systems (NSSs)


• 10 years’ experience validating system security controls


• 10 years’ experience with vulnerability management


• 8 years’ experience with RMF


• 5 years’ experience with POA&M tracking and resolution

Desired Skills, Experience

• 5 years of experience performing RMF functions under the guidance and direction of NSA


• 5 years of ISSM or ISSO experience in Xacta

Application Deadline: July 27, 2026

#CJPOST

#LI-onsite

At SMX®, we are a team of technical and domain experts dedicated to enabling your mission. From priority national security initiatives for the DoD to highly assured and compliant solutions for healthcare, we understand that digital transformation is key to your future success.

We share your vision for the future and strive to accelerate your impact on the world. We bring both cutting edge technology and an expansive view of what’s possible to every engagement. Our delivery model and unique approaches harness our deep technical and domain knowledge, providing forward-looking insights and practical solutions to power secure mission acceleration.

SMX is an Equal Opportunity employer including disabilities and veterans.

Selected applicant may be subject to a background investigation and/or education verification.

SMX does not sponsor a new applicant for employment authorization or immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer).