Get new jobs for this search by email

DecisiveInstincts, LLC has an immediate opportunity for a Cybersecurity SME requiring a Top Secret (SCI Eligible) clearance located in Honolulu, Hawaii. In this role, you will be responsible for delivering cybersecurity and RMF/FISMA support to US Government (USG) mission owners by distributing current policy and providing guidance and mentorship to cyber forces to ensure compliance.

Duties and Responsibilities

The Cybersecurity Subject Matter Expert will deliver cybersecurity and RMF/FISMA support to US Government (USG) mission owners by distributing current policy and providing guidance and mentorship to cyber forces to ensure compliance. They will assist USG sites in improving and maintaining implementation of congressional FISMA, DoD, and AF cybersecurity directives. The SME will conduct on-site and/or virtual A&A validation and reviews using National/DoD/AF standards, collect and develop A&A artifacts in accordance with AO Office, and assist USG sites in maintaining A&A packages. This includes tracking and updating documents in databases such as CAP for SNAP, GIAP circuit management tools, eMASS, ITIPS, and CMRS efforts. The SME will create and maintain comprehensive RMF products for theater circuits/enclaves via eMASS, assist with RMF deliverables creation, and ensure A&A data synchronization across repositories. They will process circuit connection requests, prepare and mentor NAF, Wing and cybersecurity forces through the CRR-M program, and train personnel in DoD security implementation tools. The SME will also consult on vulnerability scanning tools and endpoint security solutions, assist in preparing for Cyber Operations Readiness Assessments (CORA) and Command Cyber Operational Readiness Inspections (CCORI), create assessment scores and risk reports, and provide recommendations for mitigations and follow-on actions.

Basic Qualifications

The Cybersecurity SME must possess a Top Secret (TS)/Sensitive Compartmented Information (SCI) security clearance and DoD 8570.1-M certification at IAT Level 3, with one of the following: CASP+ CE, CCNP-Security, CISA, CISSP, GCED, GCIH, or CCSP. They must have 2-3 years of experience executing Federal, National, DoD, USAF CIO, and US State Department requirements to assess cyber risk, identify mission sets, and defend the mission. The SME should have 2-3 years applying and advising on cybersecurity requirements, understand AF Cyber architecture and USG sites roles, and be able to travel to conduct duties (up to 40% of the time). Proficiency in Microsoft Office Suite and SharePoint is required, along with certificates for various security trainings. The SME needs 2-3 years of experience in RMF/FISMA/ATO A&A, maintaining accreditation, and working with DISA Connection Approval Process vehicles. Expertise with FISMA compliance and AF System A&A process vehicles is necessary. The SME should have 2-3 years experience conducting security assessments, in-depth experience with DISA STIGs, and expertise with CORA & CCORI processes and tools.

Preferred Qualifications

The Cybersecurity SME must be able to deliver cybersecurity and RMF/FISMA support to mission owners while distributing policy and providing guidance to cyber forces. They need knowledge of congressional FISMA, DoD, and AF cybersecurity directives, with in-depth experience conducting A&A validation and reviews using National/DoD/AF standards. The SME should be proficient in collecting and developing A&A artifacts, maintaining packages, and tracking/updating documents in databases. They need to create and maintain RMF products, synchronize A&A data across repositories, and process circuit connection requests. The SME should have mentoring experience, train personnel with DoD cybersecurity tools, and resolve issues with vulnerability scanning tools and endpoint security solutions. Experience preparing for CORAs & CCORIs and creating assessment scores and risk reports is essential. The SME must be skilled with communication platforms, including MS Teams, SharePoint, and VoIP Phones, proficient with Microsoft tools, able to collaborate with others, and capable of briefing technical information to both technical and non-technical audiences, including senior leaders and large groups.

ActioNet Core Value #1 - Instill Integrity In Everything We Do