Sierra 7, Inc.
Description
Sierra7, Inc. is seeking a Cybersecurity Lead who will provide comprehensive cybersecurity and Software Assurance (SwA) services for the DCIPS Future initiative, a high-impact DoD case management platform. This role is responsible for ensuring compliance with cybersecurity mandates from DoD, DISA, U.S. Cyber Command, and MC&FP, including implementation of a secure DevSecOps framework, Zero Trust Strategy, and rigorous adherence to Risk Management Framework (RMF), STIGs, and SRGs. The Cybersecurity Lead will work closely with the Government's security teams to sustain the platform's Authorization to Operate (ATO) across classified and unclassified environments.
Position Responsibilities:
• Lead the development, implementation, and maintenance of the DevSecOps Plan for the DCIPS Future program.
• Oversee and manage cybersecurity compliance activities with DoD, DISA, U.S. Cyber Command, and MC&FP directives.
• Conduct and coordinate penetration testing, vulnerability assessments, and risk analyses to identify and mitigate security weaknesses.
• Ensure full implementation of DoD's Zero Trust Strategy and compliance with RMF, DISA STIGs, and SRGs.
• Manage and track vulnerability remediation, security audit findings, and corrective action plans across IL2, IL4, and IL5 environments in AWS GovCloud.
• Lead the effort to obtain and sustain the system's Authorization to Operate (ATO), including continuous monitoring and documentation updates.
• Coordinate with Government security teams and cloud support contractors to ensure alignment on compliance, incident response, and secure system configurations.
• Support secure software assurance (SwA) activities throughout the software development lifecycle.
• Report on key cybersecurity metrics and advise program leadership on security risks and mitigation strategies.
• Champion security best practices and promote a culture of continuous improvement within DevSecOps processes.
Requirements
• Expertise in developing and executing DevSecOps strategies in DoD or similar federal environments.
• In-depth knowledge of DoD cybersecurity policies, including RMF, DISA STIGs/SRGs, and Zero Trust architecture.
• Strong hands-on experience with vulnerability management, penetration testing tools, and secure configuration management.
• Familiarity with cloud security in AWS GovCloud, including IL2, IL4, and IL5 environments.
• Ability to lead security audits, respond to findings, and maintain robust documentation for ATO packages.
• Effective communication and stakeholder management skills with both technical teams and government counterparts.
• Experience with Security Technical Implementation Guides (STIGs) and hardening procedures for federal systems.
• Proficiency in risk assessment methodologies, incident response, and continuous monitoring.
• Knowledge of software assurance principles and secure SDLC practices.
Education & Experience:
• Bachelor's degree in a STEM-related field (e.g., Cybersecurity, Computer Science, Information Systems, Engineering).
• Minimum of 10 years of experience in DoD cybersecurity, including:
  • Hands-on expertise with DevSecOps practices and tools
  • Managing and implementing RMF and security controls
  • Ensuring STIG/SRG compliance in high-impact federal systems
• Certifications (Required): At least one of the following:
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Manager (CISM)
  • CompTIA Advanced Security Practitioner (CASP+)
Why Join Sierra7?
Sierra7 is a Small Disabled Veteran Owned Business. We were founded in 2009 with the mission of "serving those who serve". We are a Service-Disabled Veteran-Owned Small Business (SDVOSB) and CMMI-SVC Level 3-appraised member of the government technology and services industry. We are a proud recipient of the 2024 Gold HIRE Vets Medallion Award from the US Department of Labor, which recognizes employers who successfully recruit, hire, and retain Veterans.
Benefits:
• Medical/Dental/Vision
• FSA (Flexible Spending Account)
• HSA (Health Savings Account)
• Life Insurance, Voluntary Life Insurance, Voluntary Short- and Long-Term Disability
• Additional Supplemental Medical Benefits: Critical Care, Hospital Indemnity, Legal Plan, Pet Insurance, Accident
• 401K
• Legal Assistance
• Financial Wellness
• Paid Time Off (PTO)
• Federal Holidays
• Education Reimbursement
• LinkedIn Learning
• Employee Referral Program