Information Assurance Cybersecurity Subject Matter Expert in United States at Jobgether
Explore Related Opportunities
Job Description
This position is listed on behalf of a partner company, who manages all applications and next steps. Our partner is looking for an Information Assurance Cybersecurity Subject Matter Expert based in United States.
In this remote role, you will play a critical part in protecting mission-critical healthcare technology systems by leading cybersecurity and information assurance initiatives in a highly regulated federal environment. You will oversee Risk Management Framework (RMF) activities, support system accreditation efforts, and ensure compliance with Department of Defense cybersecurity standards. Working with cross-functional technical teams, you will help strengthen the security posture of enterprise applications throughout their lifecycle. This position is ideal for an experienced cybersecurity professional who thrives in complex environments, enjoys solving challenging compliance issues, and is passionate about safeguarding sensitive information while supporting impactful public sector programs.
- Lead Information System Security Officer (ISSO) activities, ensuring the confidentiality, integrity, availability, and compliance of enterprise applications and information systems.
- Manage RMF processes, including Authority to Operate (ATO) packages, continuous monitoring activities, risk assessments, annual reviews, and accreditation documentation within eMASS.
- Develop, maintain, and update cybersecurity documentation such as security plans, Privacy Threshold Analyses (PTAs), Privacy Impact Assessments (PIAs), FIPS 199 documentation, standard operating procedures, and related security artifacts.
- Implement and maintain compliance with DISA Security Technical Implementation Guides (STIGs), NIST 800-53 controls, and other federal cybersecurity requirements.
- Conduct vulnerability assessments, coordinate ACAS scanning activities, analyze security risks, and recommend mitigation strategies throughout the system development lifecycle.
- Support medical device cybersecurity initiatives by promoting standardized, secure technology solutions and collaborating with technical and operational stakeholders.
- Coordinate accreditation-related activities, including audit preparation, Independent Verification & Validation (IV&V), and security program improvements.
- Bachelor's degree in Cybersecurity, Computer Science, or a related technical discipline.
- 5–7 years of hands-on experience implementing the Department of Defense Risk Management Framework (RMF) lifecycle.
- Strong experience using eMASS to manage RMF documentation, control implementation, POA&Ms, CCIs, and accreditation activities.
- Proven knowledge of NIST cybersecurity standards, DISA STIG implementation, vulnerability management, and federal information assurance best practices.
- Security+ certification required; CISSP certification and a Master's degree are considered strong advantages.
- Active Secret Security Clearance required.
- Excellent analytical, documentation, communication, and problem-solving skills with the ability to work independently in a fully remote environment.
- Remote work opportunity within the United States.
- Competitive annual salary ranging from $90,000 to $110,000, based on experience and qualifications.
- Comprehensive medical, dental, and vision insurance.
- 401(k) retirement plan with company matching.
- Tax-advantaged savings programs and supplemental insurance options.
- Paid time off and company-supported professional development opportunities.
- Opportunity to contribute to high-impact federal healthcare cybersecurity programs.