Cybersecurity Engineering SME

About the Role: The Cybersecurity Engineering SME is a key player to assisting a security engineering and architecture team with integrating existing as well as new technical security capabilities in with our client’s new and existing information systems. In addition, this individual will be working closely with various system stakeholders in a manner that enables such technical security capabilities to be implemented in a way that complies with external requirements the client has to comply with. The individual will also be assisting with such integrations in order to mature the client’s data-driven risk management and information security capabilities.

Role Description:

• Key responsibilities include but not limited to:

o Perform implementation, administration, O&M, optimization, & integration of cybersecurity tools, technologies, and services

o Support highly technical cybersecurity engagements that span a broad spectrum of existing and emerging cybersecurity domains. Support may include market research, research into emergent technologies, or evaluation of existing cybersecurity products or capabilities.

o Serve in an advisory capacity; focusing on technology modernization, security automation, architecture and design, security solutions integration, and security transformation.

o Offer technical expertise and advice on the restructuring and/or re-architecting of major systems to ensure the optimal placement and configuration of cybersecurity tools and appliances.

• Develop, obtain approval on, and execute communication / outreach activities related to technical security capabilities being created and/or maintained by the security engineering and architecture team. Such communication / outreach activities may include, but not be limited to:

o Presentation creation and delivery

o Job Aid and Template Creation

o Virtual Training Meetings

o Office Hours / Collaboration Discussions

• Assist information system stakeholders with completing templates, providing inputs to the security engineering and architecture team, as well as translating security engineering and architecture team outputs to the information system stakeholders successfully.

• Analyze artifacts and content produced by either the information system stakeholders or security engineering and architecture team with a focus on demonstrating external/internal requirement compliance or obtaining security/risk management-related insights.

• Review internally or externally produced policy content and identify recommendations regarding how to proceed, following by implementing the client-approved recommendations.

• Additional security consultant / business analysis-oriented duties focused on seamless integration and synchronization of security engineering and architecture team capabilities with client information systems.

‍

Required Qualifications & Education:

• Bachelor’s Degree

• Requires active CISSP, CISA or CISM certification.

• Minimum of eight years of information security experience.

• Minimum of eight years experience performing functions and responsibilities related to O&M and optimization of enterprise cybersecurity tools.

• Strong understanding of the NIST Risk Management Framework and supporting publications / standards

• Experienced in creating and executing communications as well as outreach activities related to information security topics, including to audiences who may not have strong information security backgrounds.

• Knowledgeable of applying requirements elicitation / gathering and testing techniques within a security environment.

• Ability to self-start with little guidance is critical to the role’s success.

• Experienced in conveying strong verbal and written communication skills.

• Ability to proactively operate independently with little supervision.

‍

Desired Qualifications:

• Understanding of the Cybersecurity Executive Order(s) and supporting OMB Memos

• Prior experience assisting with implementing Cybersecurity Executive Order(s) and supporting OMB Memos at the agency level.

‍

Clearance and Location Requirements:

• 100% Remote (Greater Baltimore / Washington, DC Area Strongly Preferred)

• Ability to obtain a Public Trust clearance

‍