Job Requirements
Fairfax, VA
Secret Polygraph Unspecified
Career Level not specified
Salary not specified
Join Premium to unlock estimated salaries 
Job Description
Job Description
Everforth ECS is seeking a Senior Zero Trust Compliance Officer to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax . Please Note: This position is contingent upon contract award.
The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
• The Senior Zero Trust Compliance Officer serves as WDP's senior-level authority for translating Zero Trust technical implementations into defensible, audit-ready authorization artifacts aligned with the DoW Zero Trust Reference Architecture, DoW Zero Trust Strategy, and NIST Special Publication 800-207. This role directly supports WDP's cybersecurity authorization lifecycle across Unclassified, Secret, and Top Secret environments, ensuring that Zero Trust compliance posture remains current, transparent, and mission-enabling at every stage of the WDP security authorization continuum.
• Designs, documents, and validates Zero Trust compliance across DoW mission systems operating on unclassified and classified networks.
• Translates Zero Trust technical implementations into defensible authorization artifacts aligned with DoW guidance, NIST control families, and the DoW Zero Trust Reference Architecture.
• Evaluates identity-centric access controls, network micro-segmentation, continuous authentication mechanisms, and encrypted traffic protections for compliance sufficiency and audit readiness.
• Maintains System Security Plans, Security Assessment Reports, and Plans of Action and Milestones reflecting Zero Trust capabilities using eMASS, Xacta, and controlled SharePoint repositories.
• Conducts Zero Trust maturity assessments, traces capability alignment to control objectives, and documents compliance posture for review by Authorizing Officials, Senior Information Security Officers, and Component cybersecurity leadership.
• Coordinates with cybersecurity engineers, network teams, and system owners to reconcile technical configurations with authorization requirements.
• Reviews vulnerability findings, control assessment results, and continuous monitoring outputs to validate Zero Trust control effectiveness.
• Produces compliance dashboards, executive summaries, and evidence packages supporting authorization decisions and mission risk awareness.
• Supports inspections, penetration testing reviews, and governance boards through structured documentation and authoritative briefings.
• Advances program values of mission assurance, audit transparency, cyber resilience, and operational trust by delivering consistent compliance alignment between Zero Trust engineering and security authorization outcomes.
• Performs other duties as assigned.
Required Skills
• Current Secret security clearance with the ability to obtain and maintain a Top Secret (TS) security clearance.
• A minimum of 10 years of experience in cybersecurity compliance, security authorization, or Risk Management Framework governance within a federal, defense, or intelligence community environment, with demonstrated expertise in Zero Trust architecture compliance and authorization package development.
• Active IAM Level I certification, satisfied by one of the following: CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC.
• Demonstrated hands-on experience developing, maintaining, and submitting RMF authorization packages using eMASS or Xacta, including System Security Plans, Security Assessment Reports, Plans of Action and Milestones, and Body-of-Evidence artifacts supporting Authorization to Operate decisions across Unclassified, Secret, and Top Secret environments.
• Proven ability to assess and document compliance against the DoW Zero Trust Reference Architecture and NIST SP 800-207, including evaluation of identity-based access controls, network micro-segmentation, continuous monitoring, and encrypted communications in support of enterprise Zero Trust maturity progression.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
Desired Skills
• Active Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI) eligibility.
• Active Certified Information Systems Security Professional (CISSP) certification, consistent with DoW program requirements for senior cybersecurity governance and authorization leadership roles.
• Experience operating within or supporting multi-enclave cybersecurity environments spanning NIPRNet, SIPRNet, and JWICS, with a working understanding of cross-domain authorization constraints, continuous monitoring architectures, and the unique compliance obligations associated with each classification tier.
• Familiarity with the DoW Cybersecurity Service Provider (CSSP) model, Cybersecurity Operations Plan (CYP) development, and the transition from the traditional seven-step RMF to the five-phase Cybersecurity and Risk Management Continuum (CSRMC), including how these frameworks affect Zero Trust compliance planning and authorization strategy.
• Experience with Identity, Credential, and Access Management (ICAM) technologies - including Attribute-Based Access Control (ABAC), Privileged Access Management (PAM), and Identity Provider (IdP) federation - and the ability to assess these capabilities against Zero Trust control objectives as part of a broader enterprise security compliance and authorization program.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
Everforth ECS is seeking a Senior Zero Trust Compliance Officer to work in the National Capital Region covering the Pentagon, Falls Church, and Fairfax . Please Note: This position is contingent upon contract award.
The War Data Platform (WDP) is a key initiative within the U.S. Department of War's (DoW) AI-First strategy introduced in early 2026. The WDP separates business and financial data from operational warfighting data, aiming to accelerate the deployment of artificial intelligence (AI) on the battlefield. The WDP extends to Unclassified, Secret, and Top Secret environments, and supports collaboration between Combatant Commands, Joint Staff directorates, Senior Executive Service leaders, and operational analysts.
• The Senior Zero Trust Compliance Officer serves as WDP's senior-level authority for translating Zero Trust technical implementations into defensible, audit-ready authorization artifacts aligned with the DoW Zero Trust Reference Architecture, DoW Zero Trust Strategy, and NIST Special Publication 800-207. This role directly supports WDP's cybersecurity authorization lifecycle across Unclassified, Secret, and Top Secret environments, ensuring that Zero Trust compliance posture remains current, transparent, and mission-enabling at every stage of the WDP security authorization continuum.
• Designs, documents, and validates Zero Trust compliance across DoW mission systems operating on unclassified and classified networks.
• Translates Zero Trust technical implementations into defensible authorization artifacts aligned with DoW guidance, NIST control families, and the DoW Zero Trust Reference Architecture.
• Evaluates identity-centric access controls, network micro-segmentation, continuous authentication mechanisms, and encrypted traffic protections for compliance sufficiency and audit readiness.
• Maintains System Security Plans, Security Assessment Reports, and Plans of Action and Milestones reflecting Zero Trust capabilities using eMASS, Xacta, and controlled SharePoint repositories.
• Conducts Zero Trust maturity assessments, traces capability alignment to control objectives, and documents compliance posture for review by Authorizing Officials, Senior Information Security Officers, and Component cybersecurity leadership.
• Coordinates with cybersecurity engineers, network teams, and system owners to reconcile technical configurations with authorization requirements.
• Reviews vulnerability findings, control assessment results, and continuous monitoring outputs to validate Zero Trust control effectiveness.
• Produces compliance dashboards, executive summaries, and evidence packages supporting authorization decisions and mission risk awareness.
• Supports inspections, penetration testing reviews, and governance boards through structured documentation and authoritative briefings.
• Advances program values of mission assurance, audit transparency, cyber resilience, and operational trust by delivering consistent compliance alignment between Zero Trust engineering and security authorization outcomes.
• Performs other duties as assigned.
Required Skills
• Current Secret security clearance with the ability to obtain and maintain a Top Secret (TS) security clearance.
• A minimum of 10 years of experience in cybersecurity compliance, security authorization, or Risk Management Framework governance within a federal, defense, or intelligence community environment, with demonstrated expertise in Zero Trust architecture compliance and authorization package development.
• Active IAM Level I certification, satisfied by one of the following: CompTIA Security+ CE, ISC² CAP, ISC² SSCP, or GIAC GSLC.
• Demonstrated hands-on experience developing, maintaining, and submitting RMF authorization packages using eMASS or Xacta, including System Security Plans, Security Assessment Reports, Plans of Action and Milestones, and Body-of-Evidence artifacts supporting Authorization to Operate decisions across Unclassified, Secret, and Top Secret environments.
• Proven ability to assess and document compliance against the DoW Zero Trust Reference Architecture and NIST SP 800-207, including evaluation of identity-based access controls, network micro-segmentation, continuous monitoring, and encrypted communications in support of enterprise Zero Trust maturity progression.
• Strong problem-solving and decision-making capabilities, with a proven ability to weigh the relative costs and benefits of potential actions and identify the most appropriate solution.
• Highly developed interpersonal and oral/written communication skills, with the ability to effectively and professionally interact with a diverse set of stakeholders (from peers to end-users to executive management).
Desired Skills
• Active Top Secret (TS) security clearance with Sensitive Compartmented Information (SCI) eligibility.
• Active Certified Information Systems Security Professional (CISSP) certification, consistent with DoW program requirements for senior cybersecurity governance and authorization leadership roles.
• Experience operating within or supporting multi-enclave cybersecurity environments spanning NIPRNet, SIPRNet, and JWICS, with a working understanding of cross-domain authorization constraints, continuous monitoring architectures, and the unique compliance obligations associated with each classification tier.
• Familiarity with the DoW Cybersecurity Service Provider (CSSP) model, Cybersecurity Operations Plan (CYP) development, and the transition from the traditional seven-step RMF to the five-phase Cybersecurity and Risk Management Continuum (CSRMC), including how these frameworks affect Zero Trust compliance planning and authorization strategy.
• Experience with Identity, Credential, and Access Management (ICAM) technologies - including Attribute-Based Access Control (ABAC), Privileged Access Management (PAM), and Identity Provider (IdP) federation - and the ability to assess these capabilities against Zero Trust control objectives as part of a broader enterprise security compliance and authorization program.
ECS Federal LLC is an equal opportunity employer and does not discriminate or allow discrimination on the basis any characteristic protected by law. All qualified applicants will receive consideration for employment without regard to disability, status as a protected veteran or any other status protected by applicable federal, state, or local jurisdiction law.
is the federal segment of , a $4B global organization with over 10,000 employees. Our nearly 3,500 professionals deliver advanced technology solutions in data and AI, cybersecurity, and enterprise transformation, serving defense, intelligence, and federal civilian agencies.
Our work powers mission-critical outcomes, strengthens technology partnerships, and creates meaningful opportunities for our people. We are defined by a commitment to excellence in delivery, a culture of innovation, and an environment where talent can thrive and grow.
We value:
- Attracting and developing top talent and high-performing teams
- Fostering a culture that is engaging, accountable, and mission-driven
group id: 10112231A