Job Description
Everforth ECS is seeking a Senior Cyber Security (RMF) Subject Matter Expert to work in the Washington, D.C. office. The ideal candidate will serve as a Subject Matter Expert (SME) in Risk Management Framework (RMF), demonstrate proficiency with the Assured Compliance Assessment Solution (ACAS), STIG compliance, and possess strong program/project management skills. This role requires effective problem-solving abilities, leadership experience, and a deep understanding of Information System Security Engineering (ISSE) and Information System Security Officer (ISSO) responsibilities.
A Top Secret/SCI clearance is required for this position.
Salary Range: $140,000-180,000
Required Skills
A Top Secret/SCI clearance is required for this position.
- Five (5) years of experience applying specialized IASE expertise to system requirements such as Cross Domain Solutions (CDS), cloud-based technologies, Service Oriented Architectures (SOA), general purpose IT systems, and communication systems.
- Five (5) years of demonstrated current and relevant subject matter expert experience employing and advising on best practices for implementing security controls within an information system, including software engineering methodologies, system/security engineering principles, secure design, secure architecture, and secure coding techniques.
- Three (3) years of experience using automated testing tools that assess system security posture: Security Technical Implementation Guides (STIG) technologies such as Security Compliance Checker, DISA Benchmarks and STIG Viewer, Security Content Automation Protocol (SCAP) compliant tools [e.g., Assured Compliance Assessment Solution (ACAS)], vulnerability scanning tools, and application security and development tools.
- Three (3) years of demonstrated current and relevant subject matter expert experience with DCID 6/3, ICD-503, and/or NIST Risk Management Framework.
- Three (3) years of demonstrated comprehensive understanding and experience in information assurance, e.g., accreditation, security testing and evaluation.
- Experience implementing and executing security engineering practices in the System/Software Development Life Cycle (SDLC) Process.
- Certified to meet the requirements of DoD Directive 8140.01 for the relevant PWS tasking.
- Bachelor's degree in Cybersecurity, Computer Science, Information Technology, or a related field. Master's degree preferred.
- Experience in program/project management, with a proven track record of leading successful cybersecurity initiatives.
- Excellent problem-solving skills and the ability to analyze complex information to make informed decisions.
- Strong leadership and management skills, with the ability to mentor team members and communicate effectively with various stakeholders.
- Active certifications such as CISSP, CISM, or related industry credentials are highly desirable.
Desired Skills
- Lead the implementation and management of the RMF process for information systems, ensuring compliance with federal standards, including NIST SP 800-53.
- Utilize ACAS to perform continuous monitoring, vulnerability management, and compliance assessment of IT systems.
- Conduct STIG compliance assessments, documenting findings, and coordinating remediation efforts with technical teams.
- Implement and oversee vulnerability management processes to identify, assess, track, and remediate vulnerabilities across all systems.
- Develop and maintain a vulnerability tracking system that logs vulnerabilities, assigns remediation tasks, and monitors resolution progress.
- Collaborate with stakeholders to develop and maintain security policies, procedures, and documentation for various operational systems.
- Manage and oversee cybersecurity projects, from planning through execution, ensuring project goals align with organizational objectives.
- Perform risk assessments to identify vulnerabilities and develop actionable mitigation strategies.
- Mentor and guide junior analysts, fostering skill development and knowledge sharing within the team.
- Prepare detailed reports and presentations for senior management and stakeholders, highlighting security posture, compliance status, and risk management activities.
- Stay abreast of emerging cybersecurity threats, technologies, and regulatory requirements to enhance security strategies.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis of any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
Everforth ECS is the federal segment of Everforth, a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
Meet the challenge. Make a difference with Everforth ECS!