Posted 1 month ago
Secret
Senior Level Career (10+ yrs experience)
Unspecified
IT - QA and Test
Kearneysville, WV (Off-Site/Hybrid)•Alexandria, VA (Off-Site/Hybrid)
We are seeking an experienced Cybersecurity Subject Matter Expert (SME) to serve as an Information System Security Officer (ISSO) supporting a major DoD Software Factory. This role focuses on integrating Continuous ATO (cATO) into a modern CI/CD DevSecOps pipeline, securing cloud-native and containerized environments, and managing traditional RMF ATO/SA&A activities. The ideal candidate has at least 7+ years of cybersecurity engineering experience, including a strong background in DoD cybersecurity, Kubernetes/Docker container security, data fabric architecture, and secure software supply chain practices.
Key Responsibilities
• Integrate DoD cATO workflows into CI/CD DevSecOps pipelines.
• Automate security testing (SAST/DAST/SCA), supply chain validation, and IaC compliance.
• Secure cloud and container environments (AWS/Azure, Docker, Kubernetes).
• Support RMF SA&A / ATO documentation, assessments, and artifact development.
• Implement continuous monitoring, active cyber defense, and Zero Trust principles.
• Support data fabric/data mesh security design and deployment strategies.
• Provide team training on DoD DevSecOps, cATO, and secure software development practices.
Required Qualifications
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field. Experience will be considered in lieu of degree for candidates with 11+ years of experience.
• 7+ years of experience in cybersecurity assessment and/or cybersecurity engineering roles.
• One or more of the following certifications: CISSP, CISM, GSLC
• Experience integrating security assessments and processes withing DoD DevSecOps pipelines and/or software factories.
• Hands-on experience with Kubernetes, Docker, and cloud security (AWS/Azure).
• Strong knowledge of RMF, DODI 8510.01, NIST 800-53, SSDF (NIST 800-218), and DoD cATO policies and CONOPS.
• Proficiency with automation and security tools (Terraform, Ansible, Trivy, Fortify, SonarQube, Anchore, etc.).
• Strong communication and collaboration skills.
• Ability to work in a fast-paced, modernized DevSecOps environment.
Preferred Qualifications
• Experience with DoD Software Factories or DSOP environments.
• Familiarity with SBOM generation, data fabric architectures, or policy-as-code tools.
Key Responsibilities
• Integrate DoD cATO workflows into CI/CD DevSecOps pipelines.
• Automate security testing (SAST/DAST/SCA), supply chain validation, and IaC compliance.
• Secure cloud and container environments (AWS/Azure, Docker, Kubernetes).
• Support RMF SA&A / ATO documentation, assessments, and artifact development.
• Implement continuous monitoring, active cyber defense, and Zero Trust principles.
• Support data fabric/data mesh security design and deployment strategies.
• Provide team training on DoD DevSecOps, cATO, and secure software development practices.
Required Qualifications
• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field. Experience will be considered in lieu of degree for candidates with 11+ years of experience.
• 7+ years of experience in cybersecurity assessment and/or cybersecurity engineering roles.
• One or more of the following certifications: CISSP, CISM, GSLC
• Experience integrating security assessments and processes withing DoD DevSecOps pipelines and/or software factories.
• Hands-on experience with Kubernetes, Docker, and cloud security (AWS/Azure).
• Strong knowledge of RMF, DODI 8510.01, NIST 800-53, SSDF (NIST 800-218), and DoD cATO policies and CONOPS.
• Proficiency with automation and security tools (Terraform, Ansible, Trivy, Fortify, SonarQube, Anchore, etc.).
• Strong communication and collaboration skills.
• Ability to work in a fast-paced, modernized DevSecOps environment.
Preferred Qualifications
• Experience with DoD Software Factories or DSOP environments.
• Familiarity with SBOM generation, data fabric architectures, or policy-as-code tools.
group id: 91092480
