What we are looking for:
We are currently seeking a Cyber Security Subject Matter Expert - Lead for a full-time, remote position supporting the Defense Logistics Agency (DLA).
Roles and Responsibilities
Provides expert support, research and analysis of exceptionally complex problems, and processes relating to them. Serves as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation, and alternatives to complex problems. Thinks independently and demonstrates exceptional written and oral communications skills. Applies advanced technical principles, theories, and concepts. Contributes to the development of new principles, concepts, and methodologies. Works on unusually complex technical problems and provides highly innovative and ingenious solutions. Recommends cybersecurity software tools and assists in the development of software tool requirements and selection criteria to include the development of product specific STIGs from applicable DISA SRGs. Works under consultative direction toward predetermined long-range goals and objectives. Assignments are often self-initiated. Determines and pursues courses of action necessary to obtain desired results. Develops advanced technological ideas and guides their development into a final product.
Minimum Requirements:
- Ten (10) years IT experience
- Ten (10) years DOD Cybersecurity experience
- Ten (10) years of Risk Management Framework (RMF) and NIST A&A experience
- Demonstrated expertise in leading and mentoring teams, providing clear guidance, quality oversight, and technical direction to ensure all cybersecurity artifacts meet DoD standards, organizational expectations, and inspection‑ready quality levels.
- Proven real world hands-on experience preparing enterprise environments for DoD cybersecurity inspections (CCRI, CORA, Blue Team assessments)
- SME level experience in assessing security controls and conducting authorization reviews for large, complex organizations.
- SME level understanding of DoD cybersecurity requirements, including documenting and developing artifacts for STIGs, TCG configuration guides, IAVMs, and Task Orders
- Oversees end to end POA&M lifecycle management, ensuring accurate documentation, status tracking, and closure of all remediation actions
- Exceptional ability to develop, maintain, and validate RMF artifacts and cybersecurity documentation
- Expert ability to interpret new and evolving DoD cybersecurity documentation, templates, and compliance requirements to develop high‑quality cyber security artifacts even when guidance is incomplete, ambiguous, or inconsistently applied.
- Skilled in analyzing and interpreting cybersecurity guidance from the ISSM/ISSO to produce authoritative system documents such as the SSP, CONOPS, Incident Response Plan, Contingency Plan, Configuration Management Plan, and other required artifacts
- Proven ability to work independently and collaboratively with minimal oversight
- Strong research, analytical, and problem‑solving skills
- Proficiency with analytical tools such as Microsoft Excel, Access, Power BI, and Power Platforms
- Ability to generate clear, accurate, and audit‑ready cybersecurity reports, including vulnerability summaries, compliance status updates, and risk findings for technical and leadership audiences
- Ability to generate detailed analytics and trend reports using data from vulnerability scanners, configuration tools, and security platforms to support decision‑making and inspection readiness
- Excellent written and verbal communication skills, including the ability to brief leadership and produce clear documentation
- Experienced in the general tenets supporting the overall DOD implementation of its authorization process, to include supporting cybersecurity policy, procedures, and processes.
- Knowledgeable in the cybersecurity of emerging technology areas such as Cloud, information technology (IT), Industrial Control Systems (ICSs), or Operational Technology (OT) infrastructures.
- Strong analytical and problem-solving skills for resolving security issues.
- Expert experience in cybersecurity and evaluations
- Must possess DOD Secret Clearance
Certification Requirements:
Required Training Certifications In: ICS300 or relevant Operational Technology “OT” or Industrial Control System “ICS” Cybersecurity Certifications, ACAS, and Tanium
Computing Environment: DLA approved CE (D Account Access)
Current Requirement: DOD 8570 - IAT 3
Future Requirement: DOD 8140
Primary Cyber Work Role: • Work Element: Cybersecurity (CS) • Work Role: 722 - Information Systems Security Manager • Proficiency Level: Advanced