Senior Cybersecurity SME (Ft. Belvoir, VA) (3960) jobs in United States
cer-icon
Apply on Employer Site
company-logo

SMX · 6 hours ago

Senior Cybersecurity SME (Ft. Belvoir, VA) (3960)

positionFort Belvoir, VA
timeFull-time
remoteOnsite
senioritySenior Level, Lead/Staff
money$122K/yr - $184K/yr
date15+ years exp

SMX is seeking a Cybersecurity Subject Matter Expert to support at Ft. Belvoir as a trusted advisor to senior leadership, by providing expert guidance on information assurance and cybersecurity. The role involves managing risk management processes, leading continuous monitoring activities, and ensuring compliance with cybersecurity standards.

AnalyticsCloud ComputingCloud Data ServicesCloud SecurityCyber SecurityInformation TechnologyIT ManagementSoftware
badNo H1BnoteSecurity Clearance RequirednoteU.S. Citizen Onlynote

Responsibilities

Perform the duties of an Information System Security Officer (ISSO) as defined in AR 25-2, DA 25-2-14, and the NIST SP 800-53 security controls when organizationally defined personnel include the ISSO
Actively manages the organization’s Risk Management Framework (RMF) processes which includes but is not limited to:
Applying RMF to select CI systems
Validates security controls including associated artifacts
Assesses security scan results and STIGs are required
Performs POA&M updates, tracking, and resolution
Leads the continuous monitoring activities of the organization
Manages the day-to-day activities and the professional development of the Cybersecurity Analysts
Collaborates with the O-ISSM on all assessment and authorization activities to ensure the information systems maintain an authority to operation (ATO) on all applicable DoD/IC networks
Maintain up-to-date status on all assigned systems and communicate status to the Government leads
Maintain complete records of communications, submit written status reports as required, perform peer-review as directed, and attend weekly meetings
Correspond with the Government customer and system administrators to communicate any unacceptable risks identified and correct deficient POA&M items to meet DoD and IC standards
Coordinate with the Security Control Assessor (SCA) to perform analysis of the overall risk level the system poses to enterprise networks and to mission data
Create and maintain cybersecurity policies and standards
Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards
Ensures security scans and STIG checklists are updated according to DA G2 policy
Produces actionable, risk-based reports on security assessment results
Assists with vulnerability remediation when necessary
Develops and maintains security plans and security testing plans
Periodically updates and improves risk models; metrics; reports; processes; and activities to stay compliant with evolving DoD and IC standards
Ensures the user community understands and adheres to necessary procedures to maintain security posture of the information systems
Provides guidance in the creation and maintenance of Standard Operating Procedures (SOPs); Tactics, Techniques, and Procedures (TTPs); and other similar documentation

Qualification

Active TS security clearanceCybersecurity expertiseRisk Management Framework (RMF)Vulnerability managementDISA STIGs complianceSPLUNKPOA&M trackingContinuous monitoringLeadership skillsCommunication skillsTeam collaboration

Required

Active TS security clearance with eligibility for SCI and NATO read-on prior to starting work
PhD in an area of Science, Technology, Engineering or Mathematics with at least 15 years' experience as a cybersecurity professional OR a master's degree in an area of Science, Technology, Engineering or Mathematics with at least 18 years' experience as a cybersecurity professional OR bachelor's degree in an area of Science, Technology, Engineering or Mathematics with at least 20 years' experience as a cybersecurity professional
Meet the DoD requirements for a privileged user on a TS/SCI information system prior to starting work – DoD 8140 / 8570.01-m requirements – IAT III
15 years' experience with the assessment and accreditation activities of national security systems (NSSs)
10 years' experience validating system security controls
10 years' experience with vulnerability management
10 years' experience with DISA Security Technical Implementation Guides (STIGs); DISA Security Requirements Guide (SRG), and vendor-specific security guides
8 years' experience with RMF and eMASS
5 years' experience with POA&M tracking and resolution
3 years' experience performing the continuous monitoring of system security controls
3 years' experience with SPLUNK

Preferred

10 years' experience as an ISSO on Army Intel programs
2 years' experience with AC2SP tenant assessment and accreditation activities

Benefits

Health insurance
Paid leave
Retirement

Company

SMX

twittertwitter
company-logo
SMX is a provider of information technology (IT), services, and advanced engineering with a focus on Cloud Solutions.
dateFounded in 1995
location
Hollywood, Maryland, USA
people-size1001-5000 employees
web-link
https://www.smxtech.com

Funding

Current Stage
Late Stage

Leadership Team

leader-logo
Peter LaMontagne
Chief Executive Officer
linkedin

Recent News

GlobeNewswire
eSHARE and SMX Announce FedRAMP Moderate Agency ATO for eSHARE’s Trusted Collaboration Suite
2026-01-22
PR Newswire
ColorTokens Achieves FedRAMP® Moderate Authorization, Accelerating Secure Zero Trust Adoption Across Federal Agencies
2026-01-12
GlobeNewswire
Outside Analytics Teams with SciTec on U.S. Space Force FORGE EOS Contract for Missile Warning Mission
2025-12-09
Company data provided by crunchbase