Cybersecurity SME

Overview

Mano Lani LLC is looking for an enthusiastic, well-qualified individual to fill the Cybersecurity Subject Matter Expert (SME) position. This role offers the opportunity to work with a diverse and talented group of individuals committed to driving success. Mano Lani is an exceptional industry partner to the Department of Defense (DoD) and a leader in physical and cyber security, IT management, logistics, supply chain management, process improvement and development.

The Cybersecurity Subject Matter Expert (SME) provides comprehensive cybersecurity support for the DTMO Enterprise Infrastructure in accordance with the Risk Management Framework (RMF), NIST 800-37, and DoW cybersecurity requirements. This position serves as the primary SME for all cybersecurity matters, ensuring DTMO systems maintain their Authority to Operate (ATO) by managing the RMF process, conducting security assessments, and overseeing remediation of vulnerabilities. The Cybersecurity SME coordinates with DMDC, the DTMO Information System Security Manager (ISSM), Authorizing Official (AO), and Security Control Assessor (SCA) to maintain system security posture, manage Plans of Action and Milestones (POA&Ms), and ensure compliance with DoD cybersecurity mandates. The position requires monitoring and reporting on security events, supporting incident response activities, and providing cybersecurity guidance to DTMO leadership and technical staff. The Cybersecurity SME also supports cloud security compliance and ensures adherence to DoW cloud computing requirements.

Essential Duties and Responsibilities: (Not listed in order of importance; other duties may be assigned) and must be able to perform the following with minimal guidance or supervision:

Coordinate with DMDC to administer all aspects of RMF to ensure DTMO systems are accredited and maintain ATO

Coordinate with the DTMO ISSM to maintain DTMO system security packages

Support the Authorizing Official (AO) and Security Control Assessor (SCA) to ensure systems remain compliant

Work with the ISSM to record, track, and close all applicable POA&Ms

Participate in audit support during planned assessment events

Coordinate with DMDC to report security status of DTMO systems via automated and manual tools

Monitor and audit security event logging, generate reports, and analyze findings

Analyze system vulnerability reports and recommend and implement remediation efforts

Ensure system patches are applied to address security vulnerabilities

Review security controls to ensure appropriate access control measures are in place

Develop and submit Deviation Requests to authorize deviations from DoW STIG requirements

Develop and maintain system security documentation including System Security Plans (SSPs), Security Assessment Reports (SARs), and Risk Assessment Reports (RARs)

Support incident response activities and coordinate with DMDC on security incidents

Provide cybersecurity guidance and recommendations to DTMO leadership

Support cloud security compliance and ensure adherence to DoD cloud computing requirements

Stay current on emerging cybersecurity threats and recommend appropriate countermeasures

Conduct security assessments and penetration testing coordination

Support continuous monitoring activities and ensure compliance with DoW Information Assurance Vulnerability Management (IAVM) requirements

Responsibilities

Qualifications: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill and ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

Education:

Required

Bachelor's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field or Certified Information Systems Security Professional (CISSP) certification

Microsoft Certified Solutions Expert (MCSE) Cloud Platform and Infrastructure, AWS Certified Solutions Architect, Red Hat Certified System Administrator in Red Hat OpenStack, or equivalent

Preferred

Master's degree in a related discipline

CompTIA Security+

Experience / Certifications:

5+ years experience in cybersecurity field

Extensive experience supporting federal cybersecurity programs or initiatives, preferably under government contracts or GWAC vehicles

Strong knowledge of NIST cybersecurity frameworks, including RMF and NIST SP 800-series publications

Experience with security architecture, vulnerability management, and cybersecurity risk assessment

Familiarity with federal cybersecurity compliance requirements, including FISMA and agency cybersecurity policies

5+ years experience with Risk Management Framework (RMF) / NIST 800-37

DoW Security Technical Implementation Guides (STIGs)

Experience with Enterprise Mission Assurance Support Service (eMASS)

Experience with vulnerability assessment and remediation

Experience with security event logging and monitoring

Plan of Action and Milestones (POA&M) management

Cloud security (AWS, Azure, or Red Hat OpenStack)

Experience with Splunk technology for security and compliance

Experience with SaaS, PaaS, and cloud platforms

Please note: Mano Lani LLC reserves the right to change or modify job duties and assignments at any time. The above job description is not all encompassing. Positions functions and qualifications may vary depending on business needs.

Mano Lani LLC is an equal opportunity employer and does not discriminate against applicants based on race, color, creed, religion, medical condition, legally protected genetic information, national origin, sex (including pregnancy, childbirth or related medical condition), sexual orientation, gender identity and expression, age, disability, or Vietnam era, or other eligible veteran status or legally protected characteristics.

Posted Salary Range

USD $150,000.00 - USD $180,000.00 /Yr.