Cyber Security Compliance SME - JSP

At ValidaTek, we modernize and optimize IT services to solve some of the most critical challenges facing federal civilian and defense agencies. Our leadership prioritizes a caring culture that allows each team member to explore their potential and innovate. As a result, our Federal Government customers trust us to provide innovative, high-quality, and repeatable results. Our commitment to quality for the past 16 years is why we are appraised at CMMI Maturity Level 5 for the delivery of IT services and development, levels only achieved by fewer than 20 companies in the United States.

www.validatek.com

Cyber Security Compliance SME

Job Summary:

ValidaTek is seeking a highly knowledgeable and experienced Cyber Compliance Subject Matter Expert (SME) to join our team. The successful candidate will be responsible for ensuring that our organization complies with all applicable cyber laws, regulations, and industry standards. The Cyber Compliance SME will work closely with all stakeholders to develop and implement policies, procedures, and controls to maintain a secure and compliant environment. The ideal candidate will serve as the knowledge expert of all cyber related activities within the program.

Key Responsibilities:

• Stay up-to-date with cyber laws, regulations, and industry standards to ensure the organization's compliance.
• Develop and implement policies, procedures, and controls to maintain a secure and compliant environment.
• Provide guidance and support to stakeholders on cyber compliance matters.
• Perform risk assessments and audits to identify potential compliance gaps and implement remediation plans.
• Monitor and report on compliance metrics to stakeholders, including senior leadership and regulatory bodies.
• Work collaboratively with internal teams and external auditors to ensure successful compliance audits.
• Manage third-party vendor compliance to ensure they meet organizational requirements.
• Develop and deliver cyber compliance training to employees and stakeholders.

Qualifications:

• Active DoD Top Secret Clearance.
• Bachelor's degree in computer science, information technology, or a related field.
• 5 years of experience in cyber compliance, including familiarity with applicable laws, regulations, and industry standards.
• Knowledge of the DoD IAVM programs, the DISA Vulnerability Management System (VMS) and the Continuous Monitoring Risk Scoring system (CMRS).
• Knowledge of the DoD vulnerability scanning requirements utilizing DOD DRSI Standards and Tools.
• Experience in FISMA, OMB, DoD IG Inspection, ACA, and other accreditation and certification programs.
• 3 years’ experience securing Operating Systems to comply with DISA STIGs; network experience configuring and maintaining desktop firewalls.
• Knowledge of the Defense in Depth concepts and implementation.
• Knowledge of A&A processes RMF NIST SP-800-37.
• Knowledge of NIST SP 800-53R Common Control documentation and validation.
• Knowledge of Incident Response, Auditing, and CNDSP.
• Knowledge of Cyber tools HBSS and ACAS.
• Experience/knowledge with Splunk, Tanium.
• Active CISSP certification.

ValidaTek is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, or disability status.

Applicants who are selected for employment will be required to verify authorization to work in the United States. 

Offers of employment will be contingent upon passing a post-offer background check.