GovCIO is currently hiring for an SME Cybersecurity Engineer to support cybersecurity, compliance, and risk management activities supporting the U.S. Coast Guard (USCG). This role provides high-level engineering, technical leadership, and strategic guidance to maintain federal security standards, manage vulnerabilities, and ensure mission-critical systems achieve and retain authorization. This position will be located in Alexandria, VA, and will be a hybrid position.
Responsibilities
As an SME Cybersecurity Engineer, you will serve as a principal technical authority for the cybersecurity posture, compliance framework, and risk management initiatives. Core responsibilities include:
- Lead the drafting and maintenance of comprehensive Authority to Operate (ATO) packages and documentation in alignment with federal guidelines.
- Provide expert guidance in the selection, tailoring, and implementation of complex security controls applicable to the system environment.
- Identify, select, and oversee the application of appropriate Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) Checklists.
- Create, manage, and actively monitor Plan of Action and Milestones (POA&Ms) to ensure swift remediation of enterprise security gaps.
- Lead and conduct thorough Privacy Threshold Analysis (PTA) to ensure federal data privacy compliance.
- Actively monitor Assured Compliance Assessment Solution (ACAS) scans and collaborate with technical infrastructure teams to remediate identified vulnerabilities.
- Direct and document regular Contingency Plan (CP) testing to ensure operational resilience and disaster recovery readiness.
- Support change management processes by overseeing the accurate completion and routing of all required engineering paperwork.
- Facilitate Cybersecurity Service Provider (CSSP) onboarding processes to align with organizational defense-in-depth strategies.
- Engage, coordinate, and maintain strategic communication with various departments within Coast Guard Cyber Command (CGCYBER).
- Respond accurately and promptly to Cyber Operational Readiness Assessment (CORA) and broader CGCYBER data calls.
- Provide all requested technical security documentation to the primary Information Systems Security Officer (ISSO) to support overarching compliance.
Qualifications
High School with 12+ years (or commensurate experience)
Required Skills & Experience
- Certifications: DoD 8570.01-M IAM Level I Certification (e.g., Security+ CE, CAP, GSLC, or equivalent).
- Demonstrated practical user experience with Assured Compliance Assessment Solution (ACAS) for federal vulnerability scanning.
- Hands-on experience utilizing Security Information and Event Management (SIEM) systems for analyzing security alerts and system logs.
- Familiarity with Extended Detection and Response (XDR) platforms for endpoint and network threat detection.
- Direct user experience navigating the Enterprise Mission Assurance Support Service (eMASS) for IT security compliance and risk management.
- Proven understanding of the Risk Management Framework (RMF) process and federal system hardening procedures.
Clearance Level: Must have an active Secret clearance
Preferred Skills & Experience
- Experience supporting U.S. Coast Guard (USCG) or Department of Homeland Security (DHS) cybersecurity programs.
- Advanced baseline cybersecurity certifications such as IAM Level II/III credentials (e.g., CISSP, CISM, or CASP+).
- Prior experience participating directly in formal federal security audits or Cyber Operational Readiness Assessments (CORA).
- Familiarity with automation tools or dashboards used to track and report vulnerability remediation progress.
Posted Salary Range
USD $165,000.00 - USD $214,000.00 /Yr.