
Cybersecurity SME
Galapagos Federal Systems
full-time
Location Type: Remote
Location: United States
Salary
💰 $135,000 - $163,000 per year
About the role
- Coordinate with DMDC to administer all aspects of the Risk Management Framework (RMF) to ensure DTMO systems maintain their Authority to Operate (ATO)
- Collaborate with the DTMO Information System Security Manager (ISSM) to maintain and update system security authorization packages
- Support the Authorizing Official (AO) and Security Control Assessor (SCA) to ensure compliance with DoD cybersecurity policies and security control requirements
- Manage and track Plans of Action and Milestones (POA&Ms), ensuring remediation actions are documented, monitored, and closed in coordination with the ISSM
- Participate in security audits, assessments, and authorization activities, providing documentation and technical support
- Coordinate with DMDC to monitor and report the security posture of DTMO systems using automated and manual reporting tools
- Monitor and analyze security event logs, generate reports, and identify potential risks or anomalous activity
- Review vulnerability scan results, recommend remediation strategies, and coordinate implementation of security patches and fixes
- Validate implementation of security controls and access control mechanisms to ensure proper protection of DTMO systems
- Develop and submit Deviation Requests for authorized exceptions to DoD Security Technical Implementation Guide (STIG) requirements when necessary
- Develop and maintain cybersecurity documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), and Risk Assessment Reports (RARs)
- Support incident response activities, coordinating with DMDC and DTMO stakeholders to investigate and resolve cybersecurity incidents
- Provide cybersecurity guidance and recommendations to DTMO leadership and technical teams
- Support cloud security compliance and ensure adherence to DoD cloud security and computing policies
- Coordinate security assessments and penetration testing efforts to evaluate system security posture
- Support continuous monitoring activities and ensure compliance with DoD Information Assurance Vulnerability Management (IAVM) requirements
- Stay informed on emerging cybersecurity threats and vulnerabilities, recommending mitigation strategies and security improvements
Requirements
- Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field or Certified Information Systems Security Professional (CISSP) certification
- Microsoft Certified Solutions Expert (MCSE) Cloud Platform and Infrastructure, AWS Certified Solutions Architect, Red Hat Certified System Administrator in Red Hat OpenStack, or equivalent
- Experience implementing and supporting the Risk Management Framework (RMF) and NIST SP 800-37 processes
- Knowledge of DoD cybersecurity policies, NIST security controls, and STIG compliance requirements
- Experience managing Plans of Action and Milestones (POA&Ms) and supporting security authorization packages
- Experience conducting security assessments, vulnerability management, and remediation coordination
- Familiarity with security event logging, monitoring tools, and incident response processes
- Experience developing and maintaining security documentation, including SSPs, SARs, and RARs
- Understanding of continuous monitoring programs and Information Assurance Vulnerability Management (IAVM) requirements
- Experience supporting cloud security environments and compliance with DoD cloud security policies
- Strong analytical, risk assessment, and problem-solving skills
- Ability to collaborate effectively with security teams, system administrators, and federal stakeholders
- Strong written and verbal communication skills, including security reporting and technical documentation
Benefits
- Medical, dental, vision, disability, and life insurance
- Flexible Spending Accounts
- 401(k)
- PTO
- Paid Parental Leave
- Tuition reimbursement
- Paid federal holidays
Applicant Tracking System Keywords
Tip: use these terms in your resume and cover letter to boost ATS matches.
Hard Skills & Tools
Risk Management Framework (RMF), NIST SP 800-37, Plans of Action and Milestones (POA&Ms), vulnerability management, security assessments, incident response, cloud security compliance, security documentation, security event logging, security control implementation
Soft Skills
analytical skills, risk assessment, problem-solving skills, collaboration, communication skills
Certifications
Bachelor’s degree in Cybersecurity, Certified Information Systems Security Professional (CISSP), Microsoft Certified Solutions Expert (MCSE), AWS Certified Solutions Architect, Red Hat Certified System Administrator