Job Closed

This listing is no longer active.

Modern Health

Modern Health is an award-winning mental healthcare startup offering therapy, coaching, and self-guided resources that support mental well-being for employees.

Product Security Engineer

Location

United States

Posted

101 days ago

Job Description

This description is a summary of our understanding of the job description.

Role Description

This role involves maintaining the security and privacy of our users as part of the security team at Modern Health. You will have organization-wide visibility to continuously support and monitor our commitment to privacy, security, and compliance.

  • Analyze security vulnerabilities in web and mobile applications, determine risk levels, and drive remediations in collaboration with engineering teams.
  • Research and report on potential product threats, emerging vulnerabilities, and mitigation techniques relevant to the evolving health tech landscape.
  • Partner with Engineering and Product stakeholders to integrate security at every stage of the SDLC, championing secure development practices and agile delivery.
  • Develop and advocate for cost-effective solutions to address complex application and product security challenges.
  • Implement the adoption of product security standards and best practices across the organization, influencing engineering and architecture decisions.
  • Routinely test, audit, and assess the security posture of application and cloud infrastructure configurations.
  • Guide engineering teams in applying secure coding standards, providing resources and actionable feedback to foster a culture of security.
  • Deploy, optimize, and manage security tooling such as SAST, DAST, HashiCorp Vault, and other industry-leading application security solutions.
  • Participate in collaborative threat modeling initiatives for new features and evolving services, ensuring proactive risk identification and reduction.
  • Conduct secure code reviews on services and applications built with modern frameworks and technologies.
  • Assist in planning and executing targeted penetration tests on new features, identifying and reporting vulnerabilities before production release.
  • Collaborate on IT security initiatives, partnering with infrastructure and operations teams to review security controls for device management, endpoint protection, access management, and overall IT hygiene.
  • Engage with Cloud Security efforts by partnering with DevOps and Infrastructure teams to assess, improve, and monitor cloud architecture, security policies, and cloud-native controls to ensure secure deployment and operations of applications and services.

Qualifications

  • 2-4 years of experience in product/application security or 1-3 years in security-focused software engineering.
  • Hands-on experience with vulnerability management, secure code review, threat modeling, and industry-standard tools for application and product security.
  • Hands-on experience with at least one scripting language (Python and/or Bash preferred).
  • Familiarity with secure software development practices, security-focused architecture, and infrastructure that aligns with product objectives and business needs.
  • Excellent written and verbal communication skills.

Requirements

  • Experience integrating security into agile product delivery.
  • Ability to assess, prioritize, and execute on projects independently.
  • Comfortable working in a fast-paced environment.
  • Ability to thrive in fast-paced, collaborative environments, working closely with developers, product managers, and cross-functional stakeholders to secure web and mobile applications.

Benefits

  • Medical / Dental / Vision / Disability / Life Insurance
  • High Deductible Health Plan with Health Savings Account (HSA) option
  • Flexible Spending Account (FSA)
  • Access to coaches and therapists through Modern Health's platform
  • Flexible Time Off
  • Company-wide Collective Pause Days
  • Parental Leave Policy
  • Family Forming Benefit through Carrot
  • Family Assistance Benefit through UrbanSitter
  • Professional Development Stipend
  • 401k
  • Financial Planning Benefit through Origin
  • Annual Wellness Stipend to use on items that promote your overall well being
  • New Hire Stipend to help cover work-from-home setup costs
  • Monthly Cell Phone Reimbursement
