Job Description

Everforth ECS is seeking a Senior Cyber Security (RMF) Subject Matter Expert to work in Washington D.C office.

The ideal candidate will serve as a Subject Matter Expert (SME) in Risk Management Framework (RMF), demonstrate proficiency with the Assured Compliance Assessment Solution (ACAS), STIG compliance, and possess strong program/project management skills. This role requires effective problem-solving abilities, leadership experience, and a deep understanding of Information System Security Engineering (ISSE) and Information System Security Officer (ISSO) responsibilities. A Top Secret/SCI clearance is required for this position.

Salary Range: $140,000-180,000

General Description of Benefits

Qualifications

A Top Secret/SCI clearance is required for this position.

• Five (5) years of experience applying specialized IASE expertise to system requirements such as Cross Domain Solutions (CDS), cloud-based technologies, Service Oriented Architectures (SOA), general purpose IT systems, and communication systems.
• Five (5) years of demonstrated current and relevant subject matter expert experience with employing and advising best practices with implementing security controls within an information system including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
• Three (3) years of experience using automated testing tools that assess system security posture: Security Technical Implementation Guides (STIG) technologies such as Security Compliance Checker, DISA Benchmarks and STIG Viewer, Security Content Automation Protocol (SCAP) compliant tools [e.g. Assurance Compliance Assessment Solution (ACAS)], vulnerability scanning tools, and application security and development tools.
• Three (3) years of demonstrated current and relevant subject matter expert experience with DCID 6/3, ICD-503, and/or NIST Risk Management Framework.
• Three (3) years of demonstrated comprehensive understanding and experience in information assurance, e.g., accreditation, security testing and evaluation.
• Experience implementing and executing security engineering practices in the System/Software Development Life Cycle (SDLC) Process.
• Certified to meet the requirements of DoD Directive 8140.01 for the relevant PWS tasking.

• Bachelor’s degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master’s degree preferred.
• Experience in program/project management, with a proven track record of leading successful cybersecurity initiatives.
• Excellent problem-solving skills and the ability to analyze complex information to make informed decisions.
• Strong leadership and management skills, with the ability to mentor team members and communicate effectively with various stakeholders.
• Active certifications such as CISSP, CISM, or related industry credentials are highly desirable.