SMX
Cybersecurity SME Sr. (4756) (TS/SCI) (Ft. Shafter, HI)
SMX, Honolulu, Hawaii, United States, 96814
Cybersecurity SME Sr. (4756) (TS/SCI) (Ft. Shafter, HI)
SMX is seeking a
Cybersecurity SME Senior
to support GISA at Fort Shafter, HI. The successful candidate will have experience working as an ISSO on large Department of Defense contracts and leading a team of cyber security professionals in support of project and client goals.
Responsibilities
Perform the duties of an Information System Security Officer (ISSO) as defined in AR 25‑2, DA 25‑2‑14, and the NIST SP 800‑53 security controls when the organizationally‑defined personnel includes the ISSO.
Actively manage the organization’s eMASS records, including but not limited to validating security controls and artifacts, assessing security scan results and STIGs as required, performing POA&M updates, tracking, and resolution.
Lead the continuous monitoring activities of the organization.
Manage the day‑to‑day activities and professional development of the Cybersecurity Analysts.
Collaborate with the O‑ISSM on all assessment and authorization activities to ensure the information systems maintain an authority to operate (ATO) on all applicable DoD/IC networks.
Maintain up‑to‑date status on all assigned systems and communicate status to the Government leads.
Maintain complete records of communications, submit written status reports as required, perform peer review as directed, and attend weekly meetings.
Correspond with the Government customer and system administrators to communicate any unacceptable risks identified and correct deficient POA&M items to meet DoD and IC standards.
Coordinate with the Security Control Assessor (SCA) to perform analysis of the overall risk level the system poses to enterprise networks and to mission data.
Create and maintain cybersecurity policies and standards.
Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
Ensure security scans and STIG checklists are updated according to DA G2 policy.
Produce actionable, risk‑based reports on security assessment results.
Assist with vulnerability remediation when necessary.
Develop and maintain security plans and security testing plans.
Periodically update and improve risk models, metrics, reports, processes, and activities to stay compliant with evolving DoD and IC standards.
Ensure the user community understands and adheres to necessary procedures to maintain security posture of the information systems.
Provide guidance in the creation and maintenance of SOPs, TTPs, and other similar documentation.
Requirements
PhD in Science, Technology, Engineering, or Mathematics with at least 15 years’ experience as a cybersecurity professional OR a Master’s degree with at least 18 years’ experience OR a Bachelor’s degree with at least 20 years’ experience.
Active TS security clearance and eligible for SCI and NATO read‑on prior to starting work.
Meet DoD 8140 / 8570.01‑m requirements for a privileged user on a TS/SCI information system prior to starting work.
15 years’ experience with assessment and accreditation activities of national security systems (NSSs).
10 years’ experience validating system security controls.
10 years’ experience with vulnerability management.
10 years’ experience with DISA STIGs, DISA SRG, and vendor‑specific security guides.
8 years’ experience with RMF and eMASS.
5 years’ experience with POA&M tracking and resolution.
3 years’ experience performing continuous monitoring of system security controls.
10 years’ experience as an ISSO on Army Intel programs.
2 years’ experience with AC2SP tenant assessment and accreditation activities.
Application Deadline: November 24, 2025
Salary: $115,600 – $192,700 USD
SMX is an Equal Opportunity employer including disabilities and veterans. Selected applicant may be subject to a background investigation and/or education verification. SMX does not sponsor new applicants for employment authorization or immigration related support for this position.
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Engineering and Information Technology
Industries IT Services and IT Consulting
#J-18808-Ljbffr
Cybersecurity SME Senior
to support GISA at Fort Shafter, HI. The successful candidate will have experience working as an ISSO on large Department of Defense contracts and leading a team of cyber security professionals in support of project and client goals.
Responsibilities
Perform the duties of an Information System Security Officer (ISSO) as defined in AR 25‑2, DA 25‑2‑14, and the NIST SP 800‑53 security controls when the organizationally‑defined personnel includes the ISSO.
Actively manage the organization’s eMASS records, including but not limited to validating security controls and artifacts, assessing security scan results and STIGs as required, performing POA&M updates, tracking, and resolution.
Lead the continuous monitoring activities of the organization.
Manage the day‑to‑day activities and professional development of the Cybersecurity Analysts.
Collaborate with the O‑ISSM on all assessment and authorization activities to ensure the information systems maintain an authority to operate (ATO) on all applicable DoD/IC networks.
Maintain up‑to‑date status on all assigned systems and communicate status to the Government leads.
Maintain complete records of communications, submit written status reports as required, perform peer review as directed, and attend weekly meetings.
Correspond with the Government customer and system administrators to communicate any unacceptable risks identified and correct deficient POA&M items to meet DoD and IC standards.
Coordinate with the Security Control Assessor (SCA) to perform analysis of the overall risk level the system poses to enterprise networks and to mission data.
Create and maintain cybersecurity policies and standards.
Ensure that cybersecurity plans, controls, processes, standards, policies, and procedures are aligned with cybersecurity standards.
Ensure security scans and STIG checklists are updated according to DA G2 policy.
Produce actionable, risk‑based reports on security assessment results.
Assist with vulnerability remediation when necessary.
Develop and maintain security plans and security testing plans.
Periodically update and improve risk models, metrics, reports, processes, and activities to stay compliant with evolving DoD and IC standards.
Ensure the user community understands and adheres to necessary procedures to maintain security posture of the information systems.
Provide guidance in the creation and maintenance of SOPs, TTPs, and other similar documentation.
Requirements
PhD in Science, Technology, Engineering, or Mathematics with at least 15 years’ experience as a cybersecurity professional OR a Master’s degree with at least 18 years’ experience OR a Bachelor’s degree with at least 20 years’ experience.
Active TS security clearance and eligible for SCI and NATO read‑on prior to starting work.
Meet DoD 8140 / 8570.01‑m requirements for a privileged user on a TS/SCI information system prior to starting work.
15 years’ experience with assessment and accreditation activities of national security systems (NSSs).
10 years’ experience validating system security controls.
10 years’ experience with vulnerability management.
10 years’ experience with DISA STIGs, DISA SRG, and vendor‑specific security guides.
8 years’ experience with RMF and eMASS.
5 years’ experience with POA&M tracking and resolution.
3 years’ experience performing continuous monitoring of system security controls.
10 years’ experience as an ISSO on Army Intel programs.
2 years’ experience with AC2SP tenant assessment and accreditation activities.
Application Deadline: November 24, 2025
Salary: $115,600 – $192,700 USD
SMX is an Equal Opportunity employer including disabilities and veterans. Selected applicant may be subject to a background investigation and/or education verification. SMX does not sponsor new applicants for employment authorization or immigration related support for this position.
Seniority level Mid‑Senior level
Employment type Full‑time
Job function Engineering and Information Technology
Industries IT Services and IT Consulting
#J-18808-Ljbffr