Cybersecurity Subject Matter Expert, SME

Job Description

Seeking a Cybersecurity Subject Matter Expert (SME) to provide expert technical guidance and analysis for cybersecurity and risk assessment initiatives, including supply chain risk management. The SME will develop and maintain standard operating procedures (SOPs) to support assessment execution and implementation. Responsibilities include conducting security assessments and hands-on testing, analyzing results, documenting risks, and recommending appropriate countermeasures. The role involves identifying and reporting on system vulnerabilities, threats, and security gaps. The SME will review program-level documentation, develop security evaluation test plans, and support the implementation of information security policies. Ensuring compliance with frameworks and regulations, performing risk assessments, and coordinating with cross-functional teams are also key aspects. The role requires preparing and delivering briefings to leadership, analyzing data to produce actionable insights, overseeing the design of security support systems, and collaborating with stakeholders to map system functionality to security controls and compliance requirements.

Qualifications

1. Education: Master’s degree (MS/MA) in Cybersecurity, Information Technology, Computer Science, or a related field. 2. Experience: Minimum of 8+ years of relevant experience in cybersecurity, risk management, or assessment operations. Experience supporting federal or highly regulated environments preferred. 3. Certifications (preferred): CISSP, CISM, CISA, CEH, or other relevant industry certifications.