Cybersecurity Specialist

SMS is seeking a Cybersecurity Subject Matter Expert (SME) and advisor to the Army’s Enterprise Cloud Modernization Agency (ECMA). This postition supports security control assessment and remediation, provides cyber system architecture and engineering expertise and operational support, technical advice, develops and reviews cyber security policy and threat models and supports expanding CSSP offerings and C5ISR efforts. The role may lead small teams and will provide mentoring and guidance to Cyber teammates.

As a dynamic systems integrator, SMS offers proven solutions in engineering, operations, cybersecurity, and digital transformation. With expertise in modernizing and optimizing legacy infrastructure and systems, ensuring operational efficiency, and designing, implementing, and managing secure environments, SMS supports business and mission goals with proficiency, quality, and integrity.

SMS has been serving the advanced information technology needs of the federal government since 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers’ missions for more than 45 years. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. For additional information on SMS, visit www.sms.com.

Submit your resume today!

• Providing expertise in selecting relevant technical solutions to ensure data is secure within all cloud service models. In this role, the Candidate provide expertise in selection and deployment of a Security Information and Event Management (SIEM) system that is user-friendly and relevant to mission-sets across the Army.
• Supporting data security throughout the life-cycle in cloud environments (Create, Store, Use, Share, Archive and Delete)
• Providing support to streamline inheritable controls from the Cloud Service provider down to Application owners
• Providing recommendations to processes and procedures to further automate validation checks of STIGs, vulnerability detection, and static code analysis
• Supporting business continuity activities to include continuity planning, conducting business impact assessments, creating systems and processes of prevention and recovery to deal with potential threats to the Army
• Enabling on-going operations before and during service interruptions or actual execution of a disaster recovery operations
• Creating spillage processes, ultimately enabling Army customers to immediately remediate.
• Supporting the Risk Management Framework Cloud (RMFc) process and assisting with developing RMFc documentation for customers and application owners across all Cloud service models and shared services
• Reviewing and making recommendations of customer RMFc documentation as required and assisting the authorizing official (AO) with the certification of all Army cloud instantiations
• Using eMASS and the Security Control Assessment functions of eMASS.
• Develop and ensure that plans of actions and milestones (POA&M) are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
• Leading small project/task teams, providing taskings to team members, monitoring progress, reviewing work product, and guiding team efforts

Minimum Requirements

• Must have expert knowledge of the SRG, IL’s
• Direct and relevant experience in the above areas
• Strong working knowledge of large, complex IT environments
• Experience implementing solutions and services in a similar sized organization
• Expert ability to communicate effectively in both oral and written forms with all levels of staff
• 5 or more years professional experience in a related field
• Three or more years of experience in Army, DoD, or IC at the Headquarters, Department of the Army, or major command level (e.g. ARCYBER, NETCOM, 7^th Signal Command, Program Executive Office, etc.) or in industry implementing similar solutions
• Experience in leading small teams
• Currently possess, and retain, an active DoD TOP SECRET clearance
• Must possess a minimum of a CompTIA Security+ CE

Preferred Requirements

• Bachelor’s degree in a technical field (e.g. Cybersecurity, Computer Science, Cloud, or other IT degree)
• CISM and CISSP preferred
• Cloud certification (AWS, Microsoft, Google, etc.)
• Project Management experience, Project Management Professional (PMP) certification

SMS is a dynamic systems integrator established in 1976, delivering talented teams and innovative, cost-effective solutions and services to support our customers’ missions for more than 47 years. Our ability to hire and retain quality people in a rapidly evolving IT market is proven through our employee retention rate averaging over 3 years. At SMS, we place a high value on quality of service, customer satisfaction, and best-of-breed policies and practices, resulting in CMMI Level 3 certification and ISO registrations including 9001:2015, 20000-1:2018, and ISO/IEC 27001:2013. SMS is headquartered in McLean, Virginia, with offices and on-site operations at customer locations throughout the United States. 

SMS is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability, or status as a protected veteran.