Cybersecurity Compliance SME at Gunnison Consulting Group – Washington, District of Columbia

Salary: $115,000 - $125,000/year

We are seeking a knowledgeable and detail-oriented Cybersecurity Compliance Subject Matter Expert (SME) to support our Department of State client. This role will support the continued maturation of the customer’s cybersecurity program by contributing expert guidance on cyber policy, compliance, risk management, and operational reporting. The ideal candidate combines deep compliance expertise with strong analytical and data visualization skills to support informed decision-making through metrics and dashboards.

Duties and Responsibilities

• Support the development, interpretation, and implementation of cybersecurity policies and procedures within a secure software development environment, ensuring alignment with applicable security framework series and federal requirements.
• Serve as a cybersecurity compliance SME for U.S. Government contracting environments, maintaining up-to-date knowledge of relevant regulations, standards, and policies and advising stakeholders on their application.
• Conduct risk assessments, identify security control gaps and vulnerabilities, and recommend mitigation strategies to strengthen security posture across development and operational environments.
• Support compliance monitoring activities, including preparation for audits, assessments, and inspections; assist in identifying findings and contributing to remediation planning and documentation.
• Collaborate with security, engineering, and program stakeholders to support the development and delivery of role-based cybersecurity training (e.g., SO, ISSO, ISSM) and security awareness initiatives.
• Develop, maintain, and analyze cybersecurity compliance metrics to measure program effectiveness, control performance, and risk trends.
• Design and produce cybersecurity dashboards and reports using Power BI, Excel, and related tools, translating complex compliance and risk data into clear, actionable visualizations for technical and non-technical audiences.
• Support continuous process improvement by identifying opportunities to streamline compliance tracking, reporting, and documentation within a dynamic software development environment.

• Bachelor’s degree in Cybersecurity, Information Systems, Computer Science, or a related field; equivalent relevant experience may be considered in lieu of a degree.
• Minimum of 8 years of experience in cybersecurity compliance, with demonstrated experience supporting U.S. Government contracting and software development environments.
• Strong working knowledge of U.S. Government cybersecurity regulations and standards, including NIST, FISMA, FedRAMP, DFARS, and related frameworks.
• Experience supporting security audits, assessments, or compliance reviews within federal or government-regulated environments.
• Proven ability to analyze compliance and security data and translate findings into meaningful metrics, reports, and recommendations.
• Proficiency in Excel (data analysis, pivot tables, charts) and experience designing Power BI dashboards or similar data visualization solutions.
• Excellent written and verbal communication skills, with the ability to clearly explain cybersecurity risks, compliance requirements, and trends to diverse stakeholders.
• Detail-oriented and proactive mindset with a strong focus on accuracy, documentation quality, and continuous improvement.

Desired Qualifications:

• Cybersecurity certifications such as CISSP, CISM, or equivalent.
• Experience with Department of State FAM/FAH, including integration of requirements into system documentation, processes, and compliance artifacts.
• Prior experience developing or maintaining executive-level or program-level cybersecurity dashboards.
• Familiarity with SDLC-related compliance artifacts (SSP, POA&M, RA, CMF documentation, etc.).

Clearance Requirement: Active Secret clearance required.

The salary range for this position depends upon multiple factors including location, the individual's knowledge, skills, competencies, and experience, and contract-specific budget constraints and organizational requirements.
Gunnison Consulting Group's total compensation package also includes bonus and profit-sharing opportunities, depending on company and employee performance. Available employee benefits include:

• 3 weeks of Personal Leave your first year
• 11 paid Holidays each year
• 5 days of Flexible Time Off each year
• 401(k) company match at 50% up to 10% of your salary
• Medical, Dental and Vision Insurance
• Life and Disability Insurance
• Public Transportation Subsidies
• Certifications and Training Allowance - $2,500/year!

Why Join Gunnison?

• Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.
• Quality is our top priority.
• Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.
• There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow.
• We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.
• We hire for careers at Gunnison, not to fill a position.

Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.
In 1994 Gunnison began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects. By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could, the company has thrived for over 25 years.