Aug 14
Secret
Early Career (2+ yrs experience)
$160,000
Intelligence
Washington, DC (Off-Site/Hybrid)
Assessments/Mitigations Control Systems Cybersecurity Consultant_Mid
The Assessments & Mitigations Control Systems Cybersecurity Consultant will apply 3–5 years of hands-on experience to manage and oversee a broad range of DoD and Air Force cybersecurity assessments—
spanning Mission Assurance, Energy Resilience Readiness Exercises (ERRE), Cyber Resilience
Readiness Exercises (CRRE), and Defense Critical Infrastructure (DCI) evaluations. This mid-tier
consultant will design and orchestrate assessment engagements, develop targeted mitigation and
recovery strategies, and also ensure OT cyber equities are included in future wargames, exercises, and
assessments. The role requires strong analytical skills, thorough risk-evaluation expertise, and effective
stakeholder collaboration to continuously strengthen mission-critical cyber resilience.
Required Skills
Cybersecurity Assessment & Risk Evaluation – Leading RMF-style assessments, tabletop exercises,
and infrastructure evaluations
Mission Assurance Testing – Execution oversight of assessments that map cyber vulnerabilities to
mission-critical functions
ERRE/CRRE Process Management – Planning, conducting, and reporting on Energy/Cyber Resilience
Readiness Exercises
DCI Assessment Expertise – Evaluating and prioritizing risks to Defense Critical Infrastructure systems
Mitigation Strategy Development – Designing and coordinating response and recovery plans based on
assessment findings
Analytical Reporting – Producing detailed technical reports and executive summaries on risk posture
and mitigation effectiveness
Stakeholder Facilitation – Leading cross-functional workshops, documenting action items, and driving
closure of findings
DoD Wargaming / Exercise Experience – Building and integrating OT cyber injects into wargames to
demonstrate cyber effects on operations and test incident detection / incident response activities
Preferred Skills
Automated Assessment Tools – Using scripting (Python, PowerShell) or platforms (Nessus, SCAP) to
streamline vulnerability scanning
Data Fusion & Visualization – Building dashboards (Splunk, ELK, PowerBI) to correlate assessment
data and track metrics
Supply Chain Risk Management – Incorporating third-party and component risks into overall
assessment scope
eMASS / GRC Systems – Populating controls, evidence, and POA&Ms in eMASS or equivalent
governance tools
Digital-Twin Modeling – Applying “digital twin” frameworks to simulate control-system resilience
scenarios
Incident Response Coordination – Supporting playbook creation and after-action reviews for assessed
vulnerabilities
Cloud/Edge OT Security – Assessing resilience of OT assets integrated with AWS, Azure, or edge-computing platforms
Professional Certification Pursuit – Progress toward CISSP, CISM, GICSP, or similar credentials
Primary Job Duties
Lead Cybersecurity Assessments
Plan and oversee the execution of Mission Assurance, ERRE, CRRE, and DCI assessments,
defining scope, objectives, and success criteria.
Develop & Coordinate Mitigations
Based on assessment outcomes, design remediation plans, assign responsibilities, and track
implementation through completion.
Wargame and Exercise Development & Support
Design and integrate critical infrastructure cyber effect scenarios into DoD wargames, exercises, and
ongoing mission assurance assessments.
Analysis, Reporting & Briefings
Produce comprehensive reports and risk dashboards, and deliver briefings to senior stakeholders on findings
and recovery status.
Facilitate Stakeholder Workshops
Organize and lead collaborative sessions to review assessment results, refine mitigation strategies, and
promote continuous improvement.
Additional Information
Hybrid with 2-3 days onsite at Pentagon
Full time
TS/SCI required
group id: 91123230