• Perform security hardening for client’s cloud environment • Implement necessary security measures for AI operations such as Data encryption in transit and at rest, Access control and identity management • Adhere to risk management principles in NIST AI Risk Management Framework and agency policy • Operate within FedRAMP(moderate) authorized services appropriate for the agency’s data • Comply with FISMA, implement controls aligned to NIST SP 800-53, adopt Zero Trust patterns (NIST SP 800-207), and ensure audit logging and continuous monitoring • Implement Zero Trust principles, least privilege, and role/persona-based access-controlled workspaces • Support Section 508 accessibility for user interfaces and documentation • Support clients ATO requirements • Provide an annual risk assessment on how security controls are being followed • Review and document the external systems security assessment report in the above-mentioned risk assessment on an annual basis

• Support planning, assessment, and implementation of Zero Trust principles across classified environments • Evaluate identity, device, network, application, and data protection controls • Assess Zero Trust maturity against DoD Zero Trust reference architectures • Provide recommendations to reduce implicit trust and strengthen access control enforcement • Oversee SIEM and SOAR operations for classified networks • Analyze security logs, alerts, and correlated events to identify threats and anomalous behavior • Perform traffic pattern analysis to detect lateral movement, unauthorized activity, and data exfiltration risks • Support incident response investigations and forensic analysis • Oversee vulnerability management and advanced vulnerability analysis efforts • Assess mission risk across enterprise, tactical, and mission networks • Ensure the security posture of complex, interconnected classified systems • Configure and manage AWS Security toolsets (CloudTrail, GuardDuty, Inspector, Security Hub) • Provide technical leadership and guidance to engineering, operations, and compliance teams • Mentor junior and mid-level cybersecurity personnel • Support cybersecurity strategy development and continuous process improvement • Stay current with emerging threats, adversary TTPs, and evolving DoD cybersecurity guidance

• Support and maintain development, maintenance, and oversight of RMF packages for classified C5ISR and IIR systems • Coordinate with Government System Owners, ISSOs, ISSEs, and Authorizing Officials to collect evidence, validate control implementation and maintain package accuracy. • Execute RMF support activities for ATO/IATT and continuous monitoring across multiple systems/enclaves, including documentation updates driven by engineering and operational changes. • Document and track POA&M items, support risk-based prioritization, and provide remediation status reporting through closure. • Validate documentation alignment with system architecture, interconnections, control inheritance, and mission dependencies. • Ensure systems comply with Department of War/DoD, and federal cybersecurity requirements • Support internal and external audits, inspections, and cybersecurity assessments • Monitor changes to cybersecurity policy and support implementation across supported systems • Provide compliance status, risk analysis, and authorization reporting to government leadership • Author, maintain, and approve cybersecurity SOPs, plans, and technical documentation • Standardized documentation practices across supported systems and teams • Ensure documentation supports audits, inspections, and operational continuity • Support cybersecurity risk management for C5ISR and IIR systems • Assess security impacts across enterprise, tactical, and mission networks • Support interconnected and cross-domain system authorization efforts

• Support planning, assessment, and implementation of Zero Trust principles across classified environments • Evaluate identity, device, network, application, and data protection controls • Assess Zero Trust maturity against DoD Zero Trust reference architectures • Provide recommendations to reduce implicit trust and strengthen access control enforcement • Oversee SIEM and SOAR operations for classified networks • Analyze security logs, alerts, and correlated events to identify threats and anomalous behavior • Perform traffic pattern analysis to detect lateral movement, unauthorized activity, and data exfiltration risks • Support incident response investigations and forensic analysis • Oversee vulnerability management and advanced vulnerability analysis efforts • Assess mission risk across enterprise, tactical, and mission networks • Ensure the security posture of complex, interconnected classified systems • Cloud Security: Configure and manage AWS Security toolsets (CloudTrail, GuardDuty, Inspector, Security Hub) • Provide technical guidance to engineering, operations, and compliance teams • Support cybersecurity strategy development and continuous process improvement • Stay current with emerging threats, adversary TTPs, and evolving DoD cybersecurity guidance