Cybersecurity Subject Matter Expert (4977) (TS/SCI) (Ft. Belvoir, VA)

SMX is seeking a Cybersecurity Subject Matter Expert to support at Ft. Belvoir as a trusted advisor to senior leadership, by providing expert guidance on information assurance and cybersecurity.

Responsibilities & Essential Duties

• Perform the duties of an Information System Security Officer (ISSO) as defined in AR 25-2, DA 25-2-14, and the NIST SP 800-53 security controls when organizationally defined personnel include the ISSO.
• Actively manages the organization’s Risk Management Framework (RMF) processes which includes but is not limited to:
  • Applying RMF to select CI systems
  • Validates security controls including associated artifacts
  • Assesses security scan results and STIGs are required
  • Performs POA&M updates, tracking, and resolution
• Leads the continuous monitoring activities of the organization.
• Manages the day-to-day activities and the professional development of the Cybersecurity Analysts.
• Collaborates with the O-ISSM on all assessment and authorization activities to ensure the information systems maintain an authority to operation (ATO) on all applicable DoD/IC networks.
• Maintain up-to-date status on all assigned systems and communicate status to the Government leads.
• Maintain complete records of communications, submit written status reports as required, perform peer-review as directed, and attend weekly meetings.
• Correspond with the Government customer and system administrators to communicate any unacceptable risks identified and correct deficient POA&M items to meet DoD and IC standards.
• Coordinate with the Security Control Assessor (SCA) to perform analysis of the overall risk level the system poses to enterprise networks and to mission data.
• Create and maintain cybersecurity policies and standards.
• Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
• Ensures security scans and STIG checklists are updated according to DA G2 policy.
• Produces actionable, risk-based reports on security assessment results.
• Assists with vulnerability remediation when necessary.
• Develops and maintains security plans and security testing plans.
• Periodically updates and improves risk models; metrics; reports; processes; and activities to stay compliant with evolving DoD and IC standards.
• Ensures the user community understands and adheres to necessary procedures to maintain security posture of the information systems.
• Provides guidance in the creation and maintenance of Standard Operating Procedures (SOPs); Tactics, Techniques, and Procedures (TTPs); and other similar documentation.

Required Skills and Experience

• Active TS security clearance with eligibility for SCI and NATO read-on prior to starting work
• PhD in an area of Science, Technology, Engineering or Mathematics with at least 15 years’ experience as a cybersecurity professional OR a master’s degree in an area of Science, Technology, Engineering or Mathematics with at least 18 years’ experience as a cybersecurity professional OR bachelor’s degree in an area of Science, Technology, Engineering or Mathematics with at least 20 years’ experience as a cybersecurity professional.
• Meet the DoD requirements for a privileged user on a TS/SCI information system prior to starting work – DoD 8140 / 8570.01-m requirements – IAT III
• 15 years’ experience with the assessment and accreditation activities of national security systems (NSSs)
• 10 years’ experience validating system security controls.
• 10 years’ experience with vulnerability management.
• 10 years’ experience with DISA Security Technical Implementation Guides (STIGs); DISA Security Requirements Guide (SRG), and vendor-specific security guides.
• 8 years’ experience with RMF and eMASS.
• 5 years’ experience with POA&M tracking and resolution.
• 3 years’ experience performing the continuous monitoring of system security controls.
• 3 years’ experience with SPLUNK.

Desired Qualifications

• 10 years’ experience as an ISSO on Army Intel programs
• 2 years’ experience with AC2SP tenant assessment and accreditation activities.

Application Deadline: March 30, 2026

#CJPOST

 The SMX salary determination process takes into account a number of factors, including but not limited to, geographic location, Federal Government contract labor categories, relevant prior work experience, specific skills, education and certifications. At SMX, one of our Core Values is to Invest in Our People so we offer a competitive mix of compensation, learning & development opportunities, and benefits. Some key components of our robust benefits include health insurance, paid leave, and retirement.

The proposed salary for this position is:: $138,800 USD - $231,400 USD

At SMX®, we are a team of technical and domain experts dedicated to enabling your mission. From priority national security initiatives for the DoD to highly assured and compliant solutions for healthcare, we understand that digital transformation is key to your future success.

We share your vision for the future and strive to accelerate your impact on the world. We bring both cutting edge technology and an expansive view of what’s possible to every engagement. Our delivery model and unique approaches harness our deep technical and domain knowledge, providing forward-looking insights and practical solutions to power secure mission acceleration.

SMX is an Equal Opportunity employer including disabilities and veterans.

Selected applicant may be subject to a background investigation and/or education verification.

SMX does not sponsor a new applicant for employment authorization or immigration related support for this position (i.e. H1B, F-1 OPT, F-1 STEM OPT, F-1 CPT, J-1, TN, E-2, E-3, L-1 and O-1, or any EADs or other forms of work authorization that require immigration support from an employer).