Job Closed
This listing is no longer active.
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what’s possible and drive extraordinary impact. We’re building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we’re continuing to push the envelope - just like we’ve been doing for the past 20 years. If you’re ready to solve some of the toughest challenges in cybersecurity, we’re ready to help you take command of your career. Join us.
Security Analyst, Penetration Testing
Location
United States
Posted
75 days ago
Salary
$89.3K - $120.8K / year
Seniority
Mid Level
Job Description
Security Analyst, Penetration Testing
Rapid7
As a Penetration Testing Analyst, you will work on the Global Services team to help clients improve their security posture through your technical skills and knowledge of defense strategies. You will enjoy attacking networks and hacking custom protocols implemented in embedded devices. You will also work with various Managed Services teams to help deliver day-to-day tactical reports to customers, triage alerts, address customer needs, and assist with incident response handling and communication.
About the Role
As a Penetration Testing Analyst, your primary responsibility will be to perform technical testing against a variety of targets and to help deliver day-to-day tactical reports to our customers. You will have a front-row seat to observe and learn about the ever-evolving cyber threat landscape and gain valuable experience by helping customers remediate and mitigate prevalent threats. Specifically, your focus will be to:
- Perform technical testing against a variety of targets, including network penetration testing (internal, external, and wireless), web application and API testing, and social engineering (on-premise and electronic).
- Consistently produce high-quality reports and peer-review colleagues' work for errors and inaccuracies.
- Help develop and create Executive Briefings.
- Deliver timely reports to clients and external stakeholders.
- Translate technical concepts and convey them to non-security personnel.
- Be capable of learning in a fast-paced environment and taking on solo engagements.
- Participate in industry conferences and professional organizations.
The skills and qualities you'll bring include:
- 3+ years in an active technical security role.
- Excellent written and verbal communication skills.
- Previous technical security consulting experience.
- Knowledge of modern penetration testing tools and methods.
- Strong knowledge of network, web-based application, and IEEE 802.11 security concepts.
- Knowledge of Windows/Linux/UNIX internals and the Internet protocol suite.
- Experience using interpreted languages (Ruby, Python, PHP, etc.) and knowledge of compiled languages (Java, C, C++, Assembly, etc.).
- Experience with social engineering techniques and tactics.
- A Bachelor's degree in Computer Science, MIS, CIS or a related field, or equivalent experience.
- Certifications such as GPEN, CPTS, or OSCP.
- The ability to ask for help.
We know that the best ideas and solutions come from multi-dimensional teams. That's because these teams reflect a variety of backgrounds and professional experiences. If you are excited about this role and feel your experience can make an impact, please don't be shy - apply today.
About Rapid7
At Rapid7, our vision is to create a secure digital world for our customers, our industry, and our communities. We do this by harnessing our collective expertise and passion to challenge what's possible and drive extraordinary impact. We're building a dynamic and collaborative workplace where new ideas are welcome. Protecting 11,000+ customers against bad actors and threats means we're continuing to push the envelope just like we've been doing for the past 20 years. If you're ready to solve some of the toughest challenges in cybersecurity, we're ready to help you take command of your career. Join us.
Rapid7, Inc. is committed to fair and equitable compensation practices. A candidate's salary is determined by various factors including, but not limited to, relevant work experience, skills, and certifications. We evaluate compensation decisions on a case-by-case basis, and it is not typical for an individual to be hired at the very top of the salary range.
The salary range for this role in the US is: $89,300.00 - 120,800.00 USD Annual
Salary ranges may vary based on geographical location. This range does not include variable/incentive compensation, equity and benefits (where applicable/eligible).
All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, protected veteran status or any other status protected by applicable national, federal, state or local law.
Benefits
- 401(K), 401(K) matching, Childcare benefits, Commuter benefits, Company equity, Company-sponsored outings, Customized development tracks, Dedicated diversity and inclusion staff, Dental insurance, Disability insurance, Diversity manifesto, Documented equal pay policy, Volunteer in local community, Employee stock purchase plan, Family medical leave, Fitness stipend, Flexible Spending Account (FSA), Flexible work schedule, Generous parental leave, Company-sponsored happy hours, Health insurance, Highly diverse management team, Job training & conferences, Open door policy, Life insurance, Mean gender pay gap below 10%, Paid volunteer time, Online course subscriptions available, Onsite gym, Open office floor plan, Paid holidays, Paid industry certifications, Paid sick days, Onsite office parking, Partners with nonprofits, Performance bonus, Pet insurance, Promote from within, Lunch and learns, Remote work program, Free snacks and drinks, Team based strategic planning, OKR operational model, Continuing education available during work hours, Mandated unconscious bias training, Unlimited vacation policy, Vision insurance, Wellness programs, Some meals provided, Mental health benefits, Diversity employee resource groups, Hiring practices that promote diversity, Fertility benefits, Employee resource groups, Employee-led culture committees, Hybrid work model, President's club, Employee awards, Pay transparency, Transgender health care benefits, Wellness days, Abortion travel benefits, Meditation space, Mother's room, Bereavement leave benefits
More Security Analyst Jobs
• Own end-to-end audit cycles across SOC 2, ISO 27001, and PCI DSS — scoping, evidence collection, assessor coordination, and finding remediation
• Lead gap analysis and maintain audit-ready documentation and policies in the trust center
• Drive continuous monitoring obligations, including PCI DSS monthly reporting and SAQ completion
• Partner with IT, Engineering, and Sales to implement security controls and support vendor security questionnaires
• Maintain risk registers and incident playbooks as the business evolves
Cyber Security (SME)
Diné Development Corporation
Diné Development Corporation (DDC) is a Navajo Nation enterprise dedicated to advancing sustainable economic prosperity for the Navajo people. Its mission focu
Role Description
Dine-Source, LLC is an SBA 8(a) SDB certified company dedicated to solving IT business problems for three major markets: Federal, Commercial and Tribal. Our focus is on the ever-changing world of Cyber Security with respect to staffing for building and securing networks and enterprise applications. Another focus is to provide businesses with the Hardware & Software to meet their needs. We both sell and implement complete business solutions.
- Apply expert-level knowledge of the Risk Management Framework (RMF), including NIST SP 800-53 Revisions 4 and 5, to support security authorization processes and prepare comprehensive ATO submission packages.
- Coordinate with DISA, System Integrators, the Program Office, and Database Administrators to identify, analyze, and remediate system vulnerabilities.
- Perform continuous monitoring of security controls in alignment with the RMF strategy, ensuring ongoing compliance and risk awareness.
- Collaborate with Security Control Assessor (SCA) and Security Control Assessment Representative (SCAR) teams to plan and execute security testing for system releases and authorization activities.
- Support vulnerability management efforts, including implementation and tracking of STIGs, ACAS scans, Fortify static code analysis, and SIEM-based alerting and monitoring.
- Review and analyze system logs and alerts generated by the SIEM to detect potential threats and assess system health.
- Assess newly identified vulnerabilities, initiate appropriate tickets, and manage resolution through the Configuration Management and cyber release processes.
- Work closely with the Compliance Team to support annual FIAR audit activities (e.g., SOC 1, SOC 2), and track audit findings via POA&Ms through resolution.
- Participate in annual cybersecurity evaluations and red/blue team assessments, providing analysis and remediation planning for network, application, and database architecture findings.
- Contribute to AGILE Release Management Integrated Product Teams (IPTs), ensuring cybersecurity requirements are incorporated throughout system development and change processes.
- Develop, review, and maintain cybersecurity policies, program documentation, and PMO guidance to support governance and compliance objectives.
- Lead remediation efforts for vulnerabilities documented in POA&Ms or planned cyber releases, with emphasis on addressing high-risk findings identified by the SCA within defined timelines.
- Provide program leadership with regular updates on the status of open POA&M items, including monthly reporting or as requested.
- Support annual FISMA assessments, incident response activities, and contingency plan testing to maintain security posture and operational readiness.
- Maintain working knowledge of applicable cybersecurity standards, policies, and regulations, including those from NIST, DoD, and other federal entities.
Qualifications
- Bachelor’s degree and a minimum of 8 years of relevant cybersecurity experience.
- Risk Management Experience a plus.
- Must have a CySA+ certification OR CAP, CASP+CE, CISM, CISSP, GSLC, CCISO, HCISPP.
- Secret Security Clearance Required.
Requirements
- This contractor and subcontractor shall abide by the requirements of 41 CFR 60–1.4(a), 60–300.5(a) and 60–741.5(a).
- These regulations prohibit discrimination against qualified individuals based on their status as protected veterans or individuals with disabilities, and prohibit discrimination against all individuals based on their race, color, religion, sex, sexual orientation, gender identity, national origin, or for inquiring about, discussing, or disclosing information about compensation.
- Moreover, these regulations require that covered prime contractors and subcontractors take affirmative action to employ and advance in employment individuals without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.
Company Description
Diné Development Corporation (DDC) is a Navajo Nation owned family of companies that delivers IT, professional, and environmental solutions to advance the missions of federal, state, and tribal government agencies. As thought leaders and innovators, our team of specialists build client-centric solutions that solve critical challenges faced by defense, civilian, and healthcare organizations. Employing a mission-focused approach, we deliver value that not only enhances current operations, but also drives future change. Closely aligned with this approach is our commitment to advancing the Navajo Nation and its People. Through economic development and community empowerment, we elevate the Navajo Nation to provide lasting impact and sustainable growth for future generations. DDC’s ability to unite legacy-inspired technologies, industry best practices, and proven methodologies has contributed to our success for twenty years.
RMF Cybersecurity ISSO/SME 3
KBR, Inc.
We deliver science, technology and engineering solutions to governments and companies around the world.
Title: RMF Cybersecurity ISSO/SME 3
Program Summary:
KBR’s Mission Engineering Division delivers complex technical solutions and expert support to the U.S. Department of War, specializing in modeling and simulation, cyber transformation, air vehicle mission integration, and lifecycle support. As a trusted partner with a proven history in mission technology, KBR collaborates closely with clients to develop innovative and effective solutions. With a strong ethical framework, KBR prioritizes data security, privacy, and responsible information management to ensure mission success.
Job Summary:
KBR is seeking a Cybersecurity Risk Management Framework (RMF) Information System Security Officer (ISSO) to support the DHA Solution Delivery Division (SDD). In this role, you will lead Assessment & Authorization (A&A) activities and guide systems through the RMF lifecycle to achieve and maintain Authorizations to Operate (ATOs) for mission-critical medical systems. You will work closely with engineers, developers, and government stakeholders to ensure compliance with NIST, DoD, and DHA cybersecurity requirements while supporting continuous monitoring and risk management efforts. This 100% remote position requires availability during standard Eastern Time (ET) day shift hours. Join KBR to contribute directly to protecting critical healthcare systems supporting warfighters and their families.
Roles and Responsibilities:
- Manage one or more information systems throughout the full six-step RMF lifecycle, including assessment, authorization, and continuous monitoring activities
- Serve as an RMF Subject Matter Expert (SME), advising stakeholders on cybersecurity compliance, risk posture, and ATO readiness
- Develop, review, and maintain RMF packages and associated documentation, including Security Plans, POA&Ms, Risk Assessment Reports, and security control policies
- Assess system compliance against NIST SP 800-53 controls and DHA RMF requirements as part of self-assessment and annual reviews
- Document and maintain evidence supporting control implementation and compliance
- Lead and participate in A&A and stakeholder meetings to track system status, resolve issues, and drive RMF progress
- Coordinate with engineers and system owners to develop architecture diagrams, system asset inventories, and security policies
- Prepare and deliver status reports to DHA leadership on system authorization and compliance efforts
Basic Qualifications:
- Active DoD Secret security clearance
- Bachelor’s degree in cybersecurity, information technology, or related field with 6+ years of experience; or 14+ years of relevant cybersecurity/IT experience in lieu of degree.
- DoD Manual 8140.03 (formerly 8570.01)-compliant certification (e.g., Security+, CISSP, CASP+/SecurityX)
- Demonstrated experience performing RMF activities as an ISSO/ISSM/SME, including ATO process support and RMF package development (Security Plans, POA&Ms, architecture diagrams, system security policies, etc.)
- Demonstrated experience assessing and documenting NIST SP 800-53 controls
- Experience using Microsoft Office applications: Word, PowerPoint, Excel, and SharePoint
Preferred Qualifications:
- Experience using eMASS or equivalent compliance-tracking application
- Experience supporting RMF processes under DHA
- Familiarity with ACAS and DISA STIGs/SRGs and tools such as STIG Viewer and SCAP Compliance Checker
- Familiarity with Continuous Monitoring and Risk Scoring (CMRS)
- Experience using Microsoft Project to build Integrated Master Schedules (IMS)
Compensation:
$107,600.00 - $161,400.00. The salary range posted is based on the national average. The offered rate will be based on the selected candidate’s location, knowledge, skills, abilities, and/or experience, contract affordability, and in consideration of internal parity.
Benefits:
KBR offers a selection of competitive lifestyle benefits which could include a 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule. We support career advancement through professional training and development.
Belong, Connect and Grow at KBR
At KBR, we are passionate about our people and our Zero Harm culture. These inform all that we do and are at the heart of our commitment to, and ongoing journey toward, being a People First company. That commitment is central to our team of teams philosophy and fosters an environment where everyone can Belong, Connect and Grow. We Deliver – Together.
KBR is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, disability, sex, sexual orientation, gender identity or expression, age, national origin, veteran status, genetic information, union status and/or beliefs, or any other characteristic protected by federal, state, or local law.
Sr. Information Systems Security Manager (ISSM)
SABEL SYSTEMS TECHNOLOGY SOLUTIONS LLC
Sabel Systems Technology Solutions, LLC is a leading solution provider and rapidly growing Information and Communications Technology Company specializing in innovative and agile Digital Engineering and Acquisition Technical Stack design, implementation, and support. Our client base is mostly in the DoD Federal Government Contracting space and we also partner with prime Government Contractors such as Siemens, Booz Allen, and McKinsey.
Job Details
Level: Senior
Job Location: Beavercreek Office - Beavercreek, OH 45431
Position Type: Full Time
Travel Percentage: Up to 10%
Why Sabel Systems
Sabel Systems Technology Solutions, LLC is a digital engineering and Defense technology partner helping organizations simplify complexity and improve mission outcomes through secure, scalable solutions across the lifecycle. Our people-first culture blends large-business opportunity with small-business agility, enabling us to deliver high-impact, secure solutions rapidly while investing in our people’s growth and success. You will be joining a dynamic and highly motivated team with one shared goal: “Get quality and secure solutions in the customers’ hands as soon as possible.”
Why This Role Matters
This individual will focus on policy development, security control implementation, network traffic analysis, and maintaining DoD cyber governance and compliance. The position will also be responsible for business development in the cybersecurity field. The ideal candidate will be a highly skilled cybersecurity professional with a proven track record as a highly technical ISSM. This role requires excellent policy and technical knowledge, attention to detail, and the ability to collaborate effectively with other IT and security teams. A minimum of an active Department of Defense Top Secret clearance is necessary for this position.
What You'll Do
Cyber Risk Management
- Provide in-person and/or remote/hybrid developed solutions to the customer’s cybersecurity requirements.
- Develop appropriate policy in accordance with DoD regulations and industry best practices.
- Conduct compliance scans as dictated by the customer.
- Conduct vulnerability scans on a weekly basis in accordance with DAF TASKORDS and DoD regulations.
- Assist engineering staff with design changes.
- Participate in change control boards as a voting member.
- Stay updated with the latest DoD regulations and emerging cybersecurity trends.
- Develop and implement custom detection techniques to identify new and emerging threats.
- Report findings to stakeholders and assist in the creation of actionable security recommendations.
- Collaborate with SOC analysts and incident response teams to investigate, remediate, and escalate security incidents.
Governance & Compliance
- Enforce standardized cyber certification and sustainment processes.
- Prepare products for audits and customer reviews.
- Develop risk metrics and regularly report to leadership.
- Support pre-sales cyber posture discussions.
Tools Used
- RMF / GRC tools (eMASS or equivalent)
- Vulnerability scanning tools
- GitLab, Nexus, SonarQube, Grafana dashboards
- Secure documentation repositories
Job Qualifications
Required Qualifications
- US Citizen
- Active DoD Top Secret clearance
- Bachelor’s degree in Cybersecurity, Engineering, or related field
- 10+ years experience in cybersecurity with a heavy focus on RMF
- 7+ years Systems administration experience
- Hands-on ATO experience in DoD
- Strong communication and documentation skills
- Certifications such as CISSP, CISM
Preferred Qualifications
- Leadership skills
- Strong skills writing policies and procedures
- Extensive experience working with IT and SCA(R)
- Gov cloud and technical cloud security experience
- Certifications such as ITIL or Project+
Minimum Qualifications
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the minimum knowledge, skill, and/or ability required.
- Strong analytical and organizational skills
- Process improvement skills
- Ability to manage multiple products concurrently
- Professionalism, integrity, and ownership
- Able to work remotely
Work Location
This is a full-time, fully remote opportunity, available to candidates residing in the U.S. Candidates must be available to support Eastern Standard business hours with up to 10% additional travel to support customer events.
Our Core Values
- Bias for Action: Decisive. Purposeful. Agile. We move with the speed of relevance to drive impact and progress.
- Integrity: Respect. Ethics. Transparency. We do what’s right and earn lasting trust.
- Delivery Excellence: Customer-obsessed. Mission-focused. Quality-driven. We deliver innovative outcomes that exceed expectations.
Our EVP Promise
Join Sabel Systems, where your contributions drive impact, your growth is continuously supported, and your well-being is at the center of how we work—so together, we can build the future with purpose. “Rewarding Impact. Building Futures Together.”
Compensation
Compensation will be determined in partnership with the Hiring Manager and may vary based on factors such as contract and labor category alignment, relevant experience, skills, education, certifications or licenses, and geographic location. Sabel Systems is committed to offering all employees a competitive benefits and compensation package that is comprehensive enough to meet their goals and needs. Our employees are our most valuable asset, and one of Sabel Systems' largest financial investments is our benefits program. As a valued member of the organization, employees are provided with a host of benefits to include healthcare; financial assistance in the event of illness, injury, disability, loss of work, or death; health savings accounts; retirement plans; paid time off; paid holidays; education and training program reimbursement, to name a few.
Equal Employment Opportunity
Sabel Systems is an equal opportunity employer. Our hiring decisions are based solely on qualifications, merit, and business need. We prohibit discrimination and harassment of any kind across all employment practices within our organization. Sabel Systems participates in the E-Verify Employment Verification Program.
Reasonable Accommodation
Sabel Systems is committed to providing equal employment opportunities and ensuring an accessible application process for all candidates. Applicants with disabilities who require reasonable accommodation to participate in the application or interview process are encouraged to contact us at recruiting@sabelsystems.com for assistance.


