• Lead the deployment and configuration of BeyondTrust Endpoint Privilege Management (EPM) across the organization • Design, implement, and fine‑tune EPM policies, rules, and configurations for different user groups and environments • Work with Security / IAM / IT to plan and execute a phased rollout with early adopters, business teams, and then engineering • Collaborate with internal stakeholders to gather feedback on the rollout and adjust policies and settings accordingly • Create and maintain documentation which includes configuration guides, runbooks, deployment procedures, and best practices • Contribute to testing and validation of EPM policies to minimise user disruption while maintaining strong security controls • Identify opportunities to automate deployment, configuration, and ongoing management (e.g. via scripting in PowerShell, Bash, Python, etc.) • Monitor progress against agreed project timelines and milestones, escalating risks or blockers when needed • Work closely with the wider Identity & Access Management team to align EPM configuration with existing IAM standards and processes • Provide knowledge sharing and basic enablement to internal teams on how to work effectively with the new EPM solution

• Participate in daily network, firewall, and operational support. • Ability to troubleshoot network issues and failures and follow best practices and troubleshooting methodology to quickly assess current situations, find solutions, and implement changes to correct and/or update network topologies to ensure stability and functionality. • Provide technical analysis of operational issues and remediations during troubleshooting efforts to ensure documentations and procedures are followed and updated during active events. This includes the ability to report to management. • Stay up to date on emerging technologies and products, including attaining certifications and participation in industry events as appropriate. • Work with various stake holders to lead problem solving, evolve system roadmap and take critical decisions. • Provide clear communication with regular updates/reports to the management team.

• Participate in daily network, firewall, and operational support. • Ability to troubleshoot network issues and failures and follow best practices and troubleshooting methodology to quickly assess current situations, find solutions, and implement changes to correct and/or update network topologies to ensure stability and functionality. • Provide technical analysis of operational issues and remediations during troubleshooting efforts to ensure documentations and procedures are followed and updated during active events. This includes the ability to report to management. • Stay up to date on emerging technologies and products, including attaining certifications and participation in industry events as appropriate. • Work with various stake holders to lead problem solving, evolve system roadmap and take critical decisions. • Provide clear communication with regular updates/reports to the management team.

Role Description Implements, maintains, and assesses security controls supporting enterprise and government systems in alignment with approved baselines, organizational requirements, and federal cybersecurity standards. Supports system authorization activities, including the development, maintenance, and delivery of System Security Plans (SSPs), Plans of Action and Milestones (POA&Ms), and related security documentation required for Authorization to Operate (ATO) approval. - Monitors system security posture, identifies risks, vulnerabilities, and compliance gaps, and coordinates remediation activities with system owners, technical teams, cybersecurity operations, and governance stakeholders. - Supports continuous monitoring, vulnerability management, configuration management, change management, audit preparation, and security reporting activities. - Assesses the security impact of system changes and ensures systems are prepared for security assessments, audits, and Authorizing Official reviews. - Serves as a cybersecurity liaison between system teams, cybersecurity operations, and governance bodies to support secure system operations, compliance, and delivery of System Security Plans to the Y-12 Field Office for Approval to Operate. This is a remote position. Qualifications - Five (5+) to ten (10+) years of experience in cybersecurity, information systems security, security control assessment, ISSO support, system authorization, or programs and contracts of similar scope, type, and complexity is required. - Firm understanding of NIST SP 800-37 and NIST SP 800-53. - Experience implementing, maintaining, and assessing security controls aligned with approved security baselines and organizational requirements. - Experience supporting system authorization activities, including preparation and maintenance of System Security Plans (SSPs), POA&Ms, and other ATO-related documentation. - Experience monitoring system security posture and identifying risks, vulnerabilities, compliance gaps, and remediation requirements. - Experience tracking and managing POA&Ms and coordinating remediation activities with system owners, technical stakeholders, and cybersecurity teams. - Experience supporting continuous monitoring activities, vulnerability management, security reporting, and audit readiness. - Experience assessing the security impact of system changes and supporting configuration and change management processes. - Experience preparing systems for security assessments, audits, and Authorizing Official reviews. - Ability to serve as a security liaison between system teams, cybersecurity operations, and governance bodies. - Experience working in secure government, DOE, or federal cybersecurity environments preferred. Education, Certifications, & Credentials - Associate’s, Bachelor’s, or Master’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or a related technical field preferred. - Technical field experience may be weighted greater than minimum education requirements. - No clearance is required for this position. This is a remote position. All duties and responsibilities may not be captured in this job description. To find out more, please reach out to the recruiter for this role.