IMAGINEEER LLC
Cybersecurity Subject Matter Expert Specialist
IMAGINEEER LLC, Washington, District of Columbia, US, 20022
Benefits
401(k) matching
Competitive salary
Health insurance
Paid time off
About this Role
We are seeking a Cybersecurity Subject Matter Expert (SME) Specialist to provide expert guidance in cybersecurity governance, risk management, compliance, and federal cyber policy execution. This role supports cybersecurity strategic planning and operational execution across enterprise‑level cyber initiatives within the U.S. Department of Health and Human Services (HHS). The Cybersecurity SME Specialist will contribute to cybersecurity maturity improvements, federal compliance efforts, security policy development, and cross‑agency cyber coordination efforts.
This role requires familiarity with FISMA, NIST SP 800-53, FedRAMP, ISCM, HVA security, CUI handling, and federal cybersecurity reporting requirements.
Key Responsibilities
Cybersecurity Advisory & Expertise
Provide cybersecurity subject matter expertise to federal stakeholders and program leadership.
Support cybersecurity planning, strategy development, and implementation of security standards.
Translate federal cybersecurity mandates into actionable implementation plans.
Cyber Governance & Policy
Assist in the development, review, and maintenance of cybersecurity policies, guidance, and standard operating procedures (SOPs).
Support cybersecurity governance reviews and contribute to policy lifecycle management.
Advise on cyber workforce training and awareness strategies.
Cyber Risk Management
Provide input for system security categorization, risk assessments, and security control selection.
Support implementation of NIST Risk Management Framework (RMF) and Enterprise Risk Management (ERM) integration.
Provide FedRAMP Moderate/High security advisory support and help evaluate High Value Assets (HVAs).
Contribute to Information Security Continuous Monitoring (ISCM) activities and Cyber Supply Chain Risk Management (C‑SCRM) efforts.
Cyber Compliance & Audit Readiness
Assist with FISMA compliance reporting and performance metric development.
Support Information System Security Officers (ISSOs) with risk documentation, POA&Ms, and ATO package preparation.
Conduct security gap assessments and audit reviews.
Ensure adherence to NIST SP 800-53 security controls and agency security requirements.
Cyber Program Support
Support Cyber Affairs & Information Management through stakeholder coordination, communications, and data‑driven analysis.
Develop and maintain cybersecurity reports, dashboards, and analytical products.
Ensure Quality Assurance for all deliverables and Section 508 compliance.
Deliver program documentation including weekly status reports, executive presentations, and meeting minutes.
Security & Compliance Requirements
Ensure compliance with federal cyber mandates: FISMA, NIST SP 800-53 Rev 5, FedRAMP Moderate/High.
CUI security requirements.
Privacy Act compliance.
Mandatory 1‑hour breach notification policies.
Qualifications and Skills
Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or a related field.
7+ years of experience in cybersecurity, IT risk management, or security compliance.
Strong understanding of federal cybersecurity frameworks: NIST 800‑53, NIST RMF, NIST CSF.
FISMA compliance.
FedRAMP requirements.
Experience supporting cybersecurity programs within a federal environment.
Ability to communicate complex security concepts clearly to technical and non‑technical stakeholders.
Must be able to obtain and maintain a Public Trust clearance / Must be a US citizen.
Desired Skills and Competencies
One or more certifications: CISSP, CISM, Security+, CEH, CAP, CGRC, PMP.
Experience supporting cyber programs at HHS or other federal agencies.
Knowledge of CUI handling guidelines and Privacy Act requirements.
Experience with Zero Trust strategy implementation.
Familiarity with cybersecurity data analysis, metrics, and dashboards.
Flexible work from home options available.