Responsibilities & Qualifications RESPONSIBILITIES - Serve as a Cybersecurity Subject Matter Expert (SME) for Assessment and Authorization (A&A) activities supporting Department of Defense (DoD) information systems. - Support the implementation and execution of the Risk Management Framework (RMF) for the authorization of information systems. - Conduct security control assessments and evaluate compliance with NIST SP 800-53 security controls and DoD cybersecurity requirements. - Provide technical guidance and subject matter expertise for systems undergoing the authorization process. - Analyze vulnerabilities and determine applicable severity values for identified security control deficiencies. - Assess the potential impact of vulnerabilities on a system’s current or future authorization status. - Support authorization package development and review to ensure completeness, accuracy, and compliance with DoD cybersecurity policies. - Evaluate cybersecurity posture across complex IT infrastructures consisting of multiple enclaves, AIS applications, and outsourced IT processes. - Provide cybersecurity expertise related to emerging technologies including Cloud environments, Industrial Control Systems (ICS), warehouse execution systems, and Operational Technology (OT) infrastructures. - Brief senior management and stakeholders on RMF progress, risk posture, and authorization status of information systems. - Collaborate with system owners, cybersecurity teams, and government representatives to ensure successful completion of A&A activities. - Ensure cybersecurity documentation, procedures, and processes align with DoD policies and enterprise security standards. REQUIRED QUALIFICATIONS - Top Secret - IT-I Critical security clearance, Tier 5 investigation. - Active CSSP Analyst Certification - Five (5) years of relevant experience supporting Risk Management Framework (RMF) and NIST Assessment and Authorization (A&A) processes. - Experience supporting DoD cybersecurity programs and authorization processes. - Experience assessing security controls and conducting authorization reviews for large, complex enterprise environments. - Strong understanding of DoD cybersecurity policies, procedures, and authorization requirements. - Knowledge of cybersecurity considerations for Cloud technologies, Industrial Control Systems (ICS), warehouse execution systems, and Operational Technology (OT) environments. Overview We are seeking a Cybersecurity Assessment and Authorization SME to join our team! TekSynap is a fast growing high-tech company that understands both the pace of technology today and the need to have a comprehensive well planned information management environment. “Technology moving at the speed of thought” embodies these principles – the need to nimbly utilize the best that information technology offers to meet the business needs of our Federal Government customers. We offer our full-time employees a competitive benefits package to include health, dental, vision, 401K, life insurance, short-term and long-term disability plans, vacation time and holidays. Visit us at www.TekSynap.com. Apply now to explore jobs with us! The safety and health of our employees is of the utmost importance. Employees are required to comply with any vaccination requirements mandated by contract, applicable law or regulation. By applying to a role at TekSynap you are providing consent to receive text messages regarding your interview and employment status. If at any time you would like to opt out of text messaging, respond "STOP". As part of the application process, you agree that TekSynap Corporation may retain and use your name, e-mail, and contact information for purposes related to employment consideration. Additional Job Information WORK ENVIRONMENT AND PHYSICAL DEMANDS The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of the job. Reasonable accommodation may be made to enable individuals with disabilities to perform the essential functions. - Locations: Remote - Type of environment: Remote - Noise level: Medium - Work schedule: Schedule is day shift Monday – Friday. May be requested to work evenings and weekends to meet program and contract needs. - Amount of Travel: Less than 10% List of Approved States: AL, AK, AZ, AR, CT, DE, FL, GA, ID, IN, IO, KS, KY, LA, ME, MI, MS, MO, MT, NE, NV, NH, NM, NC, ND, OH, OK, OR, PA, RI, SC, SD, TN, TX, UT, VA, WV, WI, WY. PHYSICAL DEMANDS The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. While performing the duties of this job, the employee is regularly required to use hands to grip, handle, or feel; reach with hands and arms; and talk or hear. The employee is regularly required to stand; walk; sit; climb or balance; and stoop, kneel, crouch, or crawl. The employee is regularly required to lift up to 10 pounds. The employee is frequently required to lift up to 25 pounds; and up to 50 pounds. The vision requirements include close vision, distance vision, peripheral vision, depth perception, and ability to adjust focus. WORK AUTHORIZATION/SECURITY CLEARANCE - U.S. Citizen - Top Secret - IT-I Critical security clearance, Tier 5 investigation. OTHER INFORMATION Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice. TekSynap is a drug-free workplace. We reserve the right to conduct drug testing in accordance with federal, state, and local laws. All employees and candidates may be subject to drug screening if deemed necessary to ensure a safe and compliant working environment. EQUAL EMPLOYMENT OPPORTUNITY In order to provide equal employment and advancement opportunities to all individuals, employment decisions will be based on merit, qualifications, and abilities. TekSynap does not discriminate against any person because of race, color, creed, religion, sex, sexual orientation, gender identity, protected veteran status, national origin, disability, age, genetic information or any other characteristic protected by law (referred to as “protected status”). This nondiscrimination policy extends to all terms, conditions, and privileges of employment as well as the use of all company facilities, participation in all company-sponsored activities, and all employment actions such as promotions, compensation, benefits, and termination of employment. TekSynap is committed to ensuring that our online application process provides an equal employment opportunity to all job seekers, including individuals with disabilities. If you believe you need a reasonable accommodation in order to search for a job opening or to submit an application, please contact hr@teksynap.com for assistance.remote #telework #linkedin #LI-Remote (turn font to white)

• Lead the rebuild of security policies and align with best practices • Implement security controls across business units • Manage risk registers and compliance documentation • Oversee PCI DSS certification process and maintain ongoing compliance

• Lead the strategy, development, and execution of security and compliance program • Manage a team of two security professionals • Develop and track key metrics to measure program maturity • Partner with Legal to interpret regulatory requirements • Drive security awareness initiatives

• Serve as the primary risk partner and advisor to senior business and technology leaders. • Develop and maintain a consolidated risk profile that connects disparate risk signals into a coherent narrative. • Influence strategy, investment decisions, and delivery roadmaps regarding risk considerations. • Provide cybersecurity risk leadership for enterprise platforms. • Maintain hands‑on cybersecurity expertise and serve as the primary cybersecurity risk authority. • Lead high-impact cyber risk discussions with technology teams. • Translate high-severity cybersecurity findings into clear business impact for senior leaders. • Operate as a second line of defense function, providing independent oversight and guidance.