Serving the federal government with courage, integrity, and excellence.
Cyber Security SME
Location: United States
Posted: 23 hours ago
Salary: $96.4K - $162.5K / year
Seniority: Lead
Job Description
9th Way Insignia
- Provide expert cybersecurity guidance across enterprise systems, cloud environments, applications, networks, and mission platforms.
- Lead the development and implementation of innovative cyber defense strategies that improve detection, prevention, response, and recovery capabilities.
- Assess current cyber defense posture and recommend practical, scalable improvements aligned with mission, business, and regulatory requirements.
- Design and support implementation of layered defense models, including Zero Trust, endpoint protection, identity-based security, network segmentation, encryption, threat monitoring, and secure cloud controls.
- Evaluate emerging cybersecurity technologies, tools, and methodologies to determine applicability, maturity, risk, and operational value.
- Support development of cybersecurity roadmaps, implementation plans, maturity models, and modernization strategies.
- Advise leadership on cyber risk, threat trends, security gaps, mitigation strategies, and investment priorities.
- Collaborate with technical teams, program managers, architects, engineers, system owners, and business stakeholders to integrate security into planning, development, operations, and sustainment activities.
- Support security assessments, risk assessments, authorization activities, audits, and compliance reviews.
- Provide expertise in federal cybersecurity frameworks and standards, including NIST, RMF, FISMA, FedRAMP, CMMC, CIS Controls, and Zero Trust guidance.
- Recommend automation, analytics, artificial intelligence, machine learning, and security orchestration approaches to improve cyber defense effectiveness.
- Support incident response planning, tabletop exercises, root cause analysis, and lessons-learned activities.
- Develop cybersecurity policies, procedures, playbooks, technical guidance, briefings, and executive-level decision materials.
- Mentor junior and mid-level cybersecurity staff and promote knowledge sharing across technical teams.
- Identify opportunities to reduce risk, improve efficiency, strengthen resilience, and advance the organization’s cyber maturity.
- This position may perform other duties as assigned. The responsibilities listed above are representative and not intended to be all-inclusive.
Job Requirements
- Master’s degree in Cybersecurity, Information Technology, Computer Science, Engineering, or related field.
- 10+ years of cybersecurity experience, including experience supporting enterprise-level security programs.
- Demonstrated experience advising senior leaders, program managers, and technical teams on cybersecurity risk and defense strategies.
- Strong knowledge of cybersecurity architecture, security engineering, vulnerability management, incident response, identity and access management, cloud security, and continuous monitoring.
- Experience implementing or advising on cybersecurity frameworks such as NIST 800-53, NIST 800-37, NIST 800-207, FISMA, FedRAMP, CMMC, CIS Controls, or ISO 27001.
- Experience developing cybersecurity strategies, roadmaps, risk assessments, policies, procedures, and executive briefings.
- Experience with tools such as Splunk, Microsoft Sentinel, Tenable, Qualys, CrowdStrike, Palo Alto, ServiceNow GRC/IRM, Security Hub, Azure Security Center/Microsoft Defender for Cloud, or similar platforms.
- Ability to evaluate technical risks and translate them into business or mission impacts.
- Strong written and verbal communication skills.
- Ability to work across multiple teams and influence decisions without direct authority.
- Possess and maintain at least one of the below certifications: CISSP, GIAC Certified Detection Analyst, GIAC Certified Forensic Analyst, GIAC Certified Intrusion Analyst, GIAC Network Forensic Analyst, GIAC Penetration Tester (GPEN), GIAC Reverse Engineering Malware (GREM), GIAC Security Expert (GSE), ISC2 Certified Information System Security.
Benefits
- Medical
- Dental
- Vision
- Voluntary Life Insurance
- 401(k)
- Basic Life A&D
- STD
- LTD
- PTO
- Telehealth
- Paid holidays
- FSA
- HSA
- Employee Assistance Program (EAP)
- Traveling Assistance
More Security Engineer Jobs
Cybersecurity Engineer – AI Risk and Governance
Vantage Data Centers
Experience | Scalability | Efficiency By Design
- Perform technical security testing and reviews of AI‑enabled applications, agents, and workflows
- Implement approved security architecture patterns for AI, ML, and LLM systems across cloud, hybrid, on‑prem, and OT‑adjacent environments
- Engineer secure inference paths, APIs, service identities, authentication flows, and segmentation boundaries aligned with least privilege and zero trust principles
- Implement technical safeguards to mitigate prompt injection, unauthorized context expansion, data leakage, hallucination risk, and unsafe output handling
- Configure and maintain controls for limiting, monitoring, logging, and managing AI usage across platforms, models, and agents
- Implement and validate technical controls supporting model explainability, traceability, and output validation where AI impacts operational, workforce, safety, or compliance decisions
- Review and validate LLM usage patterns, including prompt design, retrieval‑augmented generation (RAG), context window constraints, and output handling mechanisms
- Implement controls preventing unauthorized external model training, reuse, or retention of enterprise data by third‑party AI platforms
- Validate encryption, access logging, retention, and deletion controls for data ingested, processed, or generated by AI systems
- Execute AI‑specific threat modeling activities and contribute findings to enterprise and OT cybersecurity risk assessments
- Ensure AI systems produce security telemetry, logs, and audit trails sufficient to detect misuse, drift, policy violations, or anomalous behavior
- Integrate AI security signals into SOC, SIEM, and incident response tooling and workflows
- Support investigation and response to AI‑related incidents, including data exposure, model failure, unsafe outputs, or control breakdowns
- Conduct technical security reviews of vendor‑provided and embedded AI capabilities, assessing model behavior, data handling, and control alignment
- Enforce approved security requirements for AI vendors and prevent activation of AI features without required security validation and governance approval
- Drive alignment with ISO 42001 and related AI governance standards across applicable teams

- Triage, investigate, and respond to alerts across the SOC queue, hitting SLAs and following playbooks
- Lead incident investigations, gather evidence, correlate events, and coordinate containment and recovery
- Build and tune AI-assisted and agentic workflows across SIEM, SOAR, and EDR, including Claude via API
- Engineer detection content: rules, queries, and alert tuning mapped to MITRE ATT&CK
- Write and maintain SOAR playbooks and automation scripts that cut manual toil and accelerate response
- Hunt for threats proactively, forming and testing hypotheses against current adversary TTPs
- Maintain the SOC technology stack: integrations, health, and content engineering across all platforms
- Keep SOX and SOC 2 Type 2 audit-ready evidence: logging coverage, incident records, and procedures
- Partner with IT, Cloud, Risk, and Compliance to embed telemetry and surface findings clearly

- Accountable for the go-to-market product roadmap, strategy, and execution of product launches for our security portfolio.
- Lead the development and execution of GTM strategies pre and post launch for product features and updates for retention, acquisition, upsell and cross sell opportunities that drive engagement and adoption.
- Partner with our Audience and Vertical Marketing Manager to develop persona-based value proposition and messaging frameworks that will be leveraged both internally and externally for our security response portfolio to drive articulation positioning aligned to GTT’s KPIs.
- Work closely with Product Leaders to identify needs and sharpen product offerings based on competitive landscape and feedback from customers.
- Partner with our Storyteller to create new and manage existing marketing and sales enablement materials (sales documentation, product videos, website copy, blog posts, data sheets and whitepapers).
- Conduct product marketing data analysis by gathering and interpreting data and presenting it in a clear and actionable manner.
- Identify GTM success metrics and measure the results of your strategies and initiatives and continue to iterate to maximize results.
- Establish clear understanding of our client’s needs, product offerings, and competitive landscape in order to ensure product strategies align with market demand.

- You work closely with experienced cybersecurity engineers and are actively involved in customer projects.
- You are the customer's point of contact for questions about security incidents.
- As part of the team, you analyze the customer's structural weaknesses.
- You pass on simple best practices, including to non-technical contacts.
- You analyze logs and security-relevant data sources to identify potential risks.
- Together with your mentor, you continuously work on your technical and consulting skills.




