• Provides cybersecurity guidance for systems development, analysis and design, network design, and security engineering. • Conducts cybersecurity risk assessments of networks and systems. • Conducts cyber threat assessment activities to include research of persistent threats. • Uses classified and unclassified information to create cybersecurity intelligence products and threat assessments for senior leaders. • Develops information security/privacy documentation. • Researches and participates in the selection and management of security support systems. • Supports the development of cybersecurity policies and standard operating procedures. • Participates in compliance and vulnerability assessments for various systems.

• Advising companies on planning, selecting, and implementing secure Microsoft Azure and M365 solutions — tailored to individual requirements • Carrying out Azure migrations, security assessments, and implementing protective measures to secure cloud infrastructures and corporate data • Developing and integrating security policies, technologies, and best practices to strengthen IT security architecture in Azure and M365 environments • Planning and delivering training and workshops for the secure and efficient use of Microsoft cloud services • Continuously optimizing existing Azure and M365 solutions with respect to security, performance, and usability • Designing and implementing secure and efficient Microsoft Azure solutions for businesses

• The Cybersecurity Subject Matter Expert (SME) will be responsible for leading and executing the comprehensive cybersecurity program to protect the Agency’s Enterprise Infrastructure. • The SME will manage all aspects of security compliance, Risk Management Framework (RMF) activities, and vulnerability management to ensure systems maintain their Authority to Operate (ATO) and are compliant with all DoD and Agency policies. • Lead all activities required to maintain current and achieve new ATOs and Authorities to Connect (ATCs) for all Agency systems. • Perform as the System-Level Information System Security Officer (S-ISSO), managing day-to-day security operations. • Direct the vulnerability management program by ensuring all vulnerabilities identified by tools such as ACAS and SCAP are remediated. • Oversee and perform IAVM compliance patching, STIG compliance, and remediation for all IT assets. • Support all internal and external security reviews, including CSSP vulnerability assessments, CORA, IG audits, and penetration testing. • Collaborate with government and development teams on the 'System Security Package.'

• Train new biosecurity auditors on Orbit’s audit procedures, digital tools, reporting processes, and expectations • Create or update training materials, checklists, and reference guides • Offer ongoing coaching and answer auditor questions as they arise • Review submitted audits for completeness, accuracy, and adherence to Orbit standards • Identify inconsistencies, missing information, or deviations from protocol • Provide feedback and corrective guidance to auditors when needed • Conduct secondary reviews of flagged audits to ensure integrity • Serve as the primary support contact for the biosecurity audit team • Host periodic remote check-ins to ensure auditors remain aligned with quality expectations • Monitor auditor performance metrics and document trends or issues • Recommend improvements to audit processes or standards • Maintain digital records of auditor performance, quality scores, and audit outcomes • Summarize audit trends, compliance gaps, or training needs for leadership • Collaborate with management on refining biosecurity audit criteria or tools