Cybersecurity A&A Subject Matter Expert

 Posted 2 hours ago
     
5-10 years experience
Apply Now

Please mention DailyRemote when applying

AI Summary

Lead Risk Management Framework (RMF) activities and support the Authorization to Operate (ATO) lifecycle for DoD cybersecurity programs. Provide expert guidance on compliance and security control assessments across traditional IT, cloud, and operational technology environments.
Benefits:
  • 401(k)
  • Dental insurance
  • Health insurance
  • Paid time off
  • Vision insurance
Job Summary
We are seeking an experienced Cybersecurity Assessment & Authorization (A&A) Subject Matter Expert (SME) to support Department of Defense (DoD) cybersecurity programs. The A&A SME will lead Risk Management Framework (RMF) activities, support the Authorization to Operate (ATO) lifecycle, and provide expert guidance on cybersecurity compliance for complex enterprise environments, including traditional IT, cloud-hosted systems, operational technology (OT), applications, and outsourced IT services. The position requires expertise in NIST SP 800-53, DoD cybersecurity policies, and enterprise risk management.
 
Key Responsibilities
  • Serve as the cybersecurity SME for Assessment & Authorization (A&A) and RMF activities.
  • Lead and support the development, review, and maintenance of RMF authorization packages, including SSPs, SARs, POA&Ms, and ATO documentation.
  • Assess security controls in accordance with NIST SP 800-53 and DoD cybersecurity requirements.
  • Evaluate vulnerabilities, determine residual risk, and recommend risk mitigation strategies to support authorization decisions.
  • Conduct security control assessments and continuous monitoring activities to maintain system authorization.
  • Support enterprise cybersecurity compliance for on-premises, cloud, and hybrid environments.
  • Advise Information System Owners (ISOs), ISSMs, ISSOs, engineers, and Authorizing Officials throughout the RMF process.
  • Prepare executive-level briefings and communicate cybersecurity risks, authorization status, and remediation recommendations to senior leadership.
  • Ensure compliance with DoD cybersecurity policies, DISA STIGs, and applicable federal security standards.
Minimum Qualifications
  • Experience: Minimum five (5) years of relevant experience in Assessment & Authorization (A&A), Certification & Accreditation (C&A), Risk Management Framework (RMF), and NIST cybersecurity compliance within a DoD environment.
  • Demonstrated experience conducting security control assessments and authorization reviews for large, complex organizations.
  • Strong knowledge of NIST SP 800-53, DoDI 8510.01, DoD RMF, continuous monitoring, and cybersecurity governance.
  • Excellent analytical, technical writing, communication, and briefing skills.
Education
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related field (or equivalent experience, if permitted by contract).
 
Certifications
 
Required: DoD 8570/8140 Baseline Certification – IAM Level III (e.g., CISSP, CISM, GSLC, or equivalent approved certification).

This is a remote position.

Similar Jobs

See all Remote Teaching jobs →

Personalize your Remote Job Search in 3 Easy Steps!

Discover remote opportunities in Teaching

Answer easy questions

Answer easy questions

200,000+ jobs across 15+ categories

Get your best job matches

Get your best job matches

Only hand-screened, legit jobs

Find a remote job faster

Find a remote job faster

No ads, scams, or junk

I was the first applicant for a remote marketing position that got listed on the company website the same day I applied. Had an interview within 48 hours!

Sarah J. — Sarah J. · Marketing Manager ★★★★★ Verified