Cybersecurity SME
Jobgether · United States · Today
RemoteRemoteEngineering$155k–$185k/yrFull-time
About the role
The position is listed on behalf of a partner company managing all applications and next steps. The partner is seeking a Cybersecurity SME based in the United States.
Responsibilities
- Provide strategic and technical guidance to improve enterprise security capabilities.
- Support cybersecurity transformation initiatives, advise stakeholders, and help implement innovative approaches to protect systems, data, and operations.
- Develop and implement cyber defense strategies focused on prevention, detection, response, and recovery.
- Audit existing security capabilities and recommend scalable improvements aligned with business, mission, and regulatory requirements.
- Design and support layered security approaches, including Zero Trust, identity-based security, endpoint protection, network segmentation, encryption, and secure cloud controls.
- Evaluate emerging cybersecurity technologies, tools, and methodologies to determine operational value and maturity.
- Develop cybersecurity roadmaps, modernization plans, maturity models, and implementation strategies.
- Advise leadership on cybersecurity risks, threat trends, security gaps, mitigation approaches, and investment priorities.
- Collaborate with architects, engineers, program managers, system owners, and business stakeholders to integrate security throughout the technology lifecycle.
- Support security assessments, risk assessments, compliance activities, authorization processes, audits, and continuous monitoring efforts.
- Provide expertise on cybersecurity frameworks and standards including NIST, RMF, FISMA, FedRAMP, CMMC, CIS Controls, and Zero Trust guidance.
- Recommend automation, analytics, AI, machine learning, and security orchestration approaches to improve cyber defense effectiveness.
- Support incident response planning, tabletop exercises, root cause analysis, and cybersecurity improvement initiatives.
- Create cybersecurity policies, procedures, playbooks, technical guidance, and executive-level briefings.
- Mentor cybersecurity professionals and promote knowledge sharing across teams.
- Drive innovation through threat-informed defense, attack surface reduction, behavioral analytics, deception technologies, and secure-by-design principles.
Requirements
- Experienced cybersecurity professional with a strong background in enterprise security strategy, architecture, and risk management.
- Ability to advise senior stakeholders, influence technical decisions, and deliver practical security solutions in complex environments.
- Master’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field; equivalent relevant experience may be considered.
- 10+ years of cybersecurity experience supporting enterprise-level security programs.
- Proven experience advising senior leaders, program managers, and technical teams on cybersecurity risks and defense strategies.
- Strong knowledge of cybersecurity architecture, security engineering, vulnerability management, incident response, identity and access management, cloud security, and continuous monitoring.
- Experience implementing or advising on frameworks such as NIST 800-53, NIST 800-37, NIST 800-207, FISMA, FedRAMP, CMMC, CIS Controls, or ISO 27001.
- Experience developing cybersecurity strategies, roadmaps, policies, procedures, risk assessments, and executive briefings.
- Familiarity with cybersecurity tools such as Splunk, Microsoft Sentinel, Tenable, Qualys, CrowdStrike, Palo Alto, ServiceNow GRC/IRM, Security Hub, Microsoft Defender for Cloud, or similar platforms.
- Ability to analyze technical risks and translate them into business and mission impacts.
- Strong written and verbal communication skills with the ability to engage technical and non-technical audiences.
- Ability to collaborate across multiple teams and influence decisions without direct authority.
- Experience with Zero Trust architecture, cloud security, DevSecOps, SIEM/SOAR, security automation, cyber analytics, and threat-informed defense is preferred.
- Experience supporting Authority to Operate (ATO), RMF packages, security control assessments, POA&Ms, and continuous monitoring activities is preferred.
- Experience with AI-enabled cybersecurity, machine learning-based detection, automated response, and advanced threat analytics is a plus.
- Possession of at least one relevant certification such as CISSP, GIAC certifications, ISC2 certifications, or equivalent cybersecurity credentials.
Benefits
- Competitive annual salary range of $155,000 - $185,000 USD.
- Comprehensive medical, dental, and vision insurance coverage.
- Voluntary life insurance and additional employee protection benefits.
- 401(k) retirement plan.
- Basic life and accidental death & dismemberment coverage.
- Short-term and long-term disability insurance.
- Paid time off and paid holidays.
- Flexible spending account (FSA) and health savings account (HSA) options.
- Telehealth services and employee assistance program (EAP).
- Remote work flexibility with occasional travel opportunities based on business needs.
- Opportunity to work on impactful cybersecurity initiatives supporting complex technology environments.