CYBERSECURITY SUBJECT MATTER EXPERT - LEAD
Description:
Overview
iP-Plus Consulting is seeking a Cybersecurity Subject Matter Expert (SME) Lead to support an upcoming Federal program. The SME Lead serves as the top technical authority for the Cybersecurity Assessment Program within a large Federal agency environment. You will mentor a team of engineers, drive inspection readiness, and ensure every artifact, report, and deliverable meets the highest DoD cybersecurity standards. In this role, you will operate at the strategic level while executing hands-on with documentation, risk management, and remediation oversight across both NIPRNET and SIPRNET environments.
Key Responsibilities
Serve as the primary technical expert for the Cybersecurity Assessment Program, providing direction, interpretation, and solutions to complex cybersecurity challenges
Lead and mentor a team of cybersecurity engineers; establish priorities, assign tasks, and enforce DoD-standard engineering practices
Oversee end-to-end POA&M lifecycle management - documentation, remediation tracking, status updates, and closure
Develop, validate, and maintain RMF artifacts and critical cybersecurity documentation including:
SSP, CONOPS, Incident Response Plan, Contingency Plan, and Configuration Management Plan
Scan Reports, Security Audit Reports, IAVA Statistics, ST&E Reports, and POA&Ms
Lead enterprise preparation and response for DoD cybersecurity inspections: CCRI, CORA, and Blue Team assessments
Conduct A&A authorization reviews and security control assessments for large, complex Federal agency environments
Interpret evolving DoD cybersecurity documentation and compliance requirements to produce authoritative, inspection-ready artifacts
Generate analytics and trend reports using data from vulnerability scanners, configuration tools, and security platforms to support leadership decision-making
Apply expertise across Cloud, ICS, and OT infrastructures to address emerging cybersecurity requirements
Brief senior leadership on cybersecurity posture, risk findings, and program status Required Qualifications
10 years of IT experience
10 years of DoD Cybersecurity experience
10 years of Risk Management Framework (RMF) and NIST A&A experience
Active DoD Secret Clearance - IT-II Non-Critical Sensitive / Tier 3 (T3)
SME-level experience conducting authorization reviews for large, complex organizations
SME-level knowledge of STIGs, TCG configuration guides, IAVMs, and Task Orders
Proven hands-on experience preparing enterprise environments for CCRI, CORA, and Blue Team assessments
Expert ability to produce system documents: SSP, CONOPS, Incident Response, Contingency, and Configuration Management Plans
Proficiency with Microsoft Excel, Access, Power BI, and Power Platforms
Strong written and verbal communication skills; able to brief senior leadership and translate technical findings for non-technical audiences Required Certifications
DoD 8570 IAT Level 3 required (transitioning to DoD 8140)
ACAS and Tanium certifications
ICS300 or equivalent OT/ICS Cybersecurity Certification
D Account Access computing environment Required Security Clearance
Active DoD Secret clearance Preferred Skills
Background in Cloud, ICS, or OT cybersecurity domains
Experience working across multiple Federal agency environments or enterprise-scale DoD programs
Familiarity with eMASS and enterprise artifact management workflows
Experience developing or refining SOPs and TTPs for cybersecurity operations
Strong analytical and problem-solving skills with the ability to work independently with minimal oversight
Experience producing IAVA Statistics, ST&E Reports, and Patch Management Plans
This position is contingent upon contract award. Employment is expected to begin upon successful award and funding of the program.