Jobs · Engineering

Cybersecurity Subject Matter Expert Lead (59834)

BMA · Virginia, United States · 3 wk ago
RemoteRemoteEngineeringFull-time

Job Summary

BMA is seeking a Cybersecurity Subject Matter Expert (CS SME) – Lead to support the DLA JETS Cybersecurity Policy and Oversight Support Services (CPOSS) program. This is a fully remote position and contingent on contract award.

Responsibilities

  • Enterprise Cybersecurity Technical Leadership
  • Provides senior-level technical advice to the DLA cybersecurity assessment and oversight program, providing expert interpretation of cybersecurity policies, standards, and technical requirements.
  • Provides authoritative guidance on complex cybersecurity issues involving enterprise systems, networks, applications, enclaves, and emerging technologies.
  • Analyzes highly complex cybersecurity challenges and recommends innovative solutions that balance mission requirements, operational risks, and regulatory compliance.
  • Risk Management Framework (RMF) and Cybersecurity Assessment Expertise
  • Provides subject matter expertise on implementation and governance of the DoDI 8510.01 Risk Management Framework for DoD IT across DLA information systems.
  • Advises government stakeholders on security control validation, risk assessments, and authorization readiness determinations.
  • Supports development of enterprise-level recommendations regarding residual risk acceptance and cybersecurity posture improvements.
  • Cybersecurity Tools, Standards, and Architecture Support
  • Evaluates cybersecurity tools and technologies to support enterprise security assessment, monitoring, and compliance activities.
  • Recommends cybersecurity software solutions and assists in defining functional and technical requirements for tool selection.
  • Supports development of product-specific Security Technical Implementation Guides (STIGs) based on Defense Information Systems Agency Security Requirements Guides (SRGs).
  • Provides technical leadership in evaluating network security architectures, vulnerability assessment methodologies, and cybersecurity implementation strategies.
  • Enterprise Cybersecurity Policy and Methodology Development
  • Contributes to the development of new cybersecurity principles, methodologies, and governance practices that improve the DLA enterprise cybersecurity program.
  • Provides expert guidance in the development and refinement of enterprise cybersecurity policies, directives, and standard operating procedures supporting the CPOSS program.
  • Supports the development of advanced cybersecurity concepts and technical approaches that strengthen enterprise security posture and compliance with DoD cybersecurity regulations.
  • Strategic Analysis and Innovation
  • Conducts research and analysis of emerging cybersecurity threats, technologies, and best practices relevant to the DLA mission environment.
  • Develops innovative approaches for improving cybersecurity assessment processes, continuous monitoring practices, and enterprise risk management strategies.
  • Identifies opportunities to enhance cybersecurity oversight capabilities through improved tools, automation, analytics, and governance frameworks.
  • Senior-Level Advisory and Communication Support
  • Provides expert written and oral briefings to senior government leadership regarding cybersecurity risks, program status, and recommended solutions.
  • Prepares technical reports, white papers, and presentations addressing enterprise cybersecurity challenges.

Required Skills & Certifications

  • Current DoD 8670.01/8140 IAM Level III certification that includes one or more of the following: ISACA CISM, ISC2 Certified Information Systems Security Professional (CISSP), GIAC/SANS GIAS Security Leadership Certification (GSLC), or EC-Council Certified Chief Information Security Officer (CCISO).
  • 7+ years of Information Technology experience.
  • 5+ years of Information Assurance / Cybersecurity experience.
  • Demonstrated expertise in cybersecurity assessment methodologies, risk analysis, and enterprise cybersecurity governance.
  • Strong analytical and problem-solving skills with the ability to resolve complex cybersecurity challenges.
  • In-depth knowledge of DoD cybersecurity regulations and guidance, including RMF implementation.
  • Strong familiarity with Defense Information Systems Agency STIGs and Security Requirements Guides (SRGs).
  • Demonstrated ability to develop and evaluate cybersecurity technologies, architectures, and security solutions.
  • Exceptional technical leadership and independent decision-making ability.
  • Ability to translate complex cybersecurity issues into clear, actionable guidance for senior leadership.
  • Strong written and oral communication skills capable of supporting executive-level briefings.
  • Proven ability to innovate and develop new cybersecurity concepts, processes, and technical solutions.
  • Demonstrated ability to work independently toward long-range cybersecurity program objectives.

Similar jobs