Cybersecurity SME Senior

• Perform the duties of an Information System Security Officer (ISSO) as defined in AR 25-2, DA 25-2-14, and the NIST SP 800-53 security controls when the organizationally-defined personnel includes the ISSO
• Actively manages the organization's eMASS records which includes but is not limited to:
• Validates security controls including associated artifacts
• Assesses security scan results and STIGs as required
• Performs POA&M updates, tracking, and resolution
• Leads the continuous monitoring activities of the organization
• Manages the day-to-day activities and the professional development of the Cybersecurity Analysts
• Collaborates with the O-ISSM on all assessment and authorization activities to ensure the information systems maintain an authority to operate (ATO) on all applicable DoD/IC networks
• Maintain up-to-date status on all assigned systems and communicate status to the Government leads
• Maintain complete records of communications, submit written status reports as required, perform peer-review as directed, and attend weekly meetings
• Correspond with the Government customer and system administrators to communicate any unacceptable risks identified and correct deficient POA&M items to meet DoD and IC standards
• Coordinate with the Security Control Assessor (SCA) to perform analysis of the overall risk level the system poses to enterprise networks and to mission data
• Create and maintain cybersecurity policies and standards
• Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards
• Ensures security scans and STIG checklists are updated according to DA G2 policy
• Produces actionable, risk-based reports on security assessment results
• Assists with vulnerability remediation when necessary
• Develops and maintains security plans and security testing plans
• Periodically updates and improves risk models; metrics; reports; processes; and activities to stay compliant with evolving DoD and IC standards
• Ensures the user community understands and adheres to necessary procedures to maintain security posture of the information systems
• Provides guidance in the creation and maintenance of Standard Operating Procedures (SOPs); Tactics, Techniques, and Procedures (TTPs); and other similar documentation, Legal Last Name * Full Middle Name * Suffix Street Address * City * State * Postal Code * Are you at least 18 years of age? * What level of security clearance do you currently hold? * None Public Trust Interim Secret Secret SSBI Top Secret TS/SCI CI Poly FS Poly CNWDI Yankee White DOE Q DOE L DHS Suitability Work Authorization * Will you at any time require any form of work authorization, visa, or other immigration sponsorship? * Salary Requirements * Have you previously worked for SMX or a subsidiary? * WE ARE AN EQUAL OPPORTUNITY EMPLOYER. Applicants and employees are considered for positions and are evaluated without regard to mental or physical disability, race, color, creed, religion, sex, gender, national origin, ancestry, age, genetic information, military or veteran status, sexual orientation, gender identity or expression, marital status, familial status or any other legally protected status under applicable law or other similar factors that are not job-related. No question on the application is intended to secure information about these subjects. We encourage all qualified individuals to apply for employment. We also provide reasonable accommodation to qualified individuals with disabilities in accordance with the Americans With Disabilities Act and applicable state and local law. If you require assistance or a reasonable accommodation to complete the application or any aspect of the application process, please contact the Talent Acquisition team at talent@smxtech.com. All applicants must properly complete this employment application; failure to do so may result in denial of employment. Rhode Island Applicants: PURSUANT TO THE WORKERS' COMPENSATION LAW SECTION 28-29-6, THE ORGANIZATION INFORMS YOU THAT IT IS SUBJECT TO THE WORKERS' COMPENSATION LAWS. IF YOU PROVIDE FALSE INFORMATION ABOUT YOUR ABILITY TO PERFORM THE ESSENTIAL FUNCTIONS OF THE JOB WITH OR WITHOUT ACCOMMODATION, YOU MAY BE BARRED FROM FILING A CLAIM UNDER THE PROVISIONS OF THE WORKERS' COMPENSATION ACT OF THE STATE OF RHODE ISLAND. * I have read and agree to the SMX Data Privacy Policy. *

https://www.smxtech.com/careers/data-policy/ I agree to the Conditions of Application and Employment statement below. *

I understand that any false statements in this application may be cause for rejection or termination of my employment with SMX. I also grant permission to SMX to obtain employment records and reasons for termination from my previous employers, and to obtain information from my references. I hereby authorize this electronic signature submittal to serve as my legal signature. * Enter Full Legal Name *

• PhD in an area of Science, Technology, Engineering or Mathematics with at least 15 years' experience as a cybersecurity professional OR a Master's degree in an area of Science, Technology, Engineering or Mathematics with at least 18 years' experience as a cybersecurity professional OR a Bachelor's degree in an area of Science, Technology, Engineering or Mathematics with at least 20 years' experience as a cybersecurity professional
• Active TS security clearance and eligible for SCI and NATO read-on prior to starting work
• Meet the DoD requirements for a privileged user on a TS/SCI information system prior to starting work - DoD 8140 / 8570.01-m requirements
• 15 years' experience with the assessment and accreditation activities of national security systems (NSSs)
• 10 years' experience validating system security controls
• 10 years' experience with vulnerability management
• 10 years' experience with DISA Security Technical Implementation Guides (STIGs), DISA Security Requirements Guide (SRG), and vendor-specific security guides
• 8 years' experience with RMF and eMASS
• 5 years' experience with POA&M tracking and resolution
• 3 years' experience performing the continuous monitoring of system security controls

Desired Skills, Experience

• 10 years' experience as an ISSO on Army Intel programs
• 2 years' experience with AC2SP tenant assessment and accreditation activities

The SMX salary determination process takes into account a number of factors, including but not limited to, geographic location, Federal Government contract labor categories, relevant prior work experience, specific skills, education and certifications. At SMX, one of our Core Values is to Invest in Our People so we offer a competitive mix of compensation, learning & development opportunities, and benefits. Some key components of our robust benefits include health insurance, paid leave, and retirement. The proposed salary for this position is: $138,800-$231,400 USD

At SMX®, we are a team of technical and domain experts dedicated to enabling your mission. From priority national security initiatives for the DoD to highly assured and compliant solutions for healthcare, we understand that digital transformation is key to your future success.

We share your vision for the future and strive to accelerate your impact on the world. We bring both cutting edge technology and an expansive view of what's possible to every engagement. Our delivery model and unique approaches harness our deep technical and domain knowledge, providing forward-looking insights and practical solutions to power secure mission acceleration.

SMX is an Equal Opportunity employer including disabilities and veterans.

Selected applicant may be subject to a background investigation and/or education verification.

SMX does not sponsor a new applicant for employment authorization or immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer)., As set forth in SMX's Equal Employment Opportunity policy, we do not discriminate on the basis of any protected group status under any applicable law. Gender Are you Hispanic/Latino? Please identify your race Race & Ethnicity Definitions

If you believe you belong to any of the categories of protected veterans listed below, please indicate by making the appropriate selection. As a government contractor subject to the Vietnam Era Veterans Readjustment Assistance Act (VEVRAA), we request this information in order to measure the effectiveness of the outreach and positive recruitment efforts we undertake pursuant to VEVRAA. Classification of protected categories is as follows:

A "disabled veteran" is one of the following: a veteran of the U.S. military, ground, naval or air service who is entitled to compensation (or who but for the receipt of military retired pay would be entitled to compensation) under laws administered by the Secretary of Veterans Affairs; or a person who was discharged or released from active duty because of a service-connected disability.

A "recently separated veteran" means any veteran during the three-year period beginning on the date of such veteran's discharge or release from active duty in the U.S. military, ground, naval, or air service.

An "active duty wartime or campaign badge veteran" means a veteran who served on active duty in the U.S. military, ground, naval or air service during a war, or in a campaign or expedition for which a campaign badge has been authorized under the laws administered by the Department of Defense.

An "Armed forces service medal veteran" means a veteran who, while serving on active duty in the U.S. military, ground, naval or air service, participated in a United States military operation for which an Armed Forces service medal was awarded pursuant to Executive Order 12985. Veteran Status

SMX is seeking a Cybersecurity SME Senior to support G2 at Fort Belvoir, VA. The successful candidate will have experience working as an ISSO on large Department of Defense contracts and leading a team of other cyber security professionals in support of project and client goals and objectives.