Cybersecurity SME

About Us:

Yudrio Inc. is a leading provider of innovative cybersecurity solutions for federal agencies. With over 20 years of experience, we are committed to helping our clients secure their systems and exceed their mission requirements. We are looking for a seasoned Senior Cyber Security SME to join our team and contribute to our ongoing success.

Position Overview:

We are seeking a highly experienced Senior Cyber Security SME with a strong background in federal cybersecurity practices and standards. The ideal candidate will have extensive experience in end-to-end cybersecurity reviews, Authority to Operate (ATO) processes, and implementing controls on FedRAMP High systems. This role requires a deep understanding of the Risk Management Framework (RMF), Zero Trust principles, and federal cybersecurity compliance standards such as CMMC, NIST, FIPS, and FISMA.

The candidate must be located in the DC metro area and be willing to work at the client site two days a week.

Key Responsibilities:

• Conduct comprehensive cybersecurity reviews, including log analysis and monitoring.
• Lead and manage the ATO process, ensuring compliance with FedRAMP High standards.
• Select, implement, and assess security controls within federal systems.
• Utilize RMF to support the development and maintenance of system security plans.
• Implement and manage Zero Trust architecture principles.
• Work with CSAM (Cyber Security Assessment and Management) or JCAM (Justice Compliance and Audit Management) tools at the Department of Justice (DOJ).
• Provide expertise in vulnerability management and DevSecOps practices.
• Assist in the development and implementation of security policies and procedures in compliance with CMMC, NIST, FIPS, and FISMA.
• Support the identification, assessment, and mitigation of security vulnerabilities.
• Collaborate with various stakeholders to ensure security requirements are met.
• Stay current with emerging cybersecurity trends, threats, and technologies.
• Support the client s CISO by interfacing with the cybersecurity team and assisting with privacy requirements.
• Work with the technical team to support monthly scans, access control, and the integration of web-based applications with the client s Splunk system.
• Demonstrate expertise in Zscaler and Okta.
• Experience with Salesforce, ServiceNow, AWS, and Microsoft Azure cloud security is a plus.

Required Qualifications:

• Education: Bachelor s degree in Computer Science, Information Technology, Cybersecurity, or a related field. Master s degree preferred.
• Certifications: CISSP (Certified Information Systems Security Professional), PMP (Project Management Professional), or other relevant cybersecurity certifications.
• Experience: Minimum of 7 years of experience in the federal cybersecurity space.
• Proven experience in performing end-to-end cybersecurity reviews and log analysis.
• Demonstrated expertise in the ATO process, including the selection and implementation of security controls on FedRAMP High systems.
• Strong understanding and experience with RMF, Zero Trust, CMMC, NIST, FIPS, and FISMA.
• Experience with vulnerability management and DevSecOps practices.
• Hands-on experience with CSAM or JCAM tools at DOJ.
• Excellent analytical, problem-solving, and communication skills.
• Ability to work independently and as part of a team in a hybrid work environment.

Benefits:

• Competitive salary and comprehensive benefits package.
• Opportunities for professional development and career growth.
• Flexible hybrid work environment.
• Collaborative and inclusive company culture.
• Recognition as one of the Washington Post's Best Workplaces in 2024.