Cybersecurity Assessment and Authorization Subject Matter Expert (SME)

The Cybersecurity Assessment and Authorization (A&A) Subject Matter Expert (SME) serves as a senior cybersecurity authority responsible for supporting the authorization of information systems and ensuring compliance with Department of Defense (DoD) cybersecurity policies and procedures. The SME performs and supports the DoD cybersecurity authorization process, either as the system authorizing expert or as a subject matter expert for systems undergoing authorization.

This role requires a strong understanding of how security controls defined in NIST SP 800-53 are applied during the assessment and authorization process across large and complex enterprise environments such as those supporting the Defense Logistics Agency (DLA). These environments may include multiple enclaves, Automated Information Systems (AIS), enterprise applications, and outsourced IT services.

The SME evaluates vulnerabilities and determines the appropriate severity value for identified security control deficiencies. Additionally, the SME assesses potential impacts on system authorization status and provides recommendations for remediation. The role involves briefing senior leadership on the progress, risks, and outcomes of systems undergoing the Risk Management Framework (RMF) authorization process.

Minimum Requirements

• Minimum five (5) years of experience supporting Risk Management Framework (RMF) and NIST Assessment and Authorization (A&A) processes.

• Demonstrated DoD cybersecurity experience.

• Experience assessing security controls and conducting authorization reviews for large, complex organizations.

• Strong understanding of DoD cybersecurity authorization policies, procedures, and implementation processes.

• Experience supporting the DoD RMF authorization lifecycle.

• Knowledge of cybersecurity considerations related to emerging technologies, including:

  • Cloud environments

  • Industrial Control Systems (ICS)

  • Warehouse Execution Systems

  • Operational Technology (OT) infrastructures.

Clearance Requirements

• Must possess an active DoD Secret Clearance.

• Must hold IT-II Non-Critical Sensitive security clearance or Tier 3 (T3) at the time of proposal submission.

DLA CERT Personnel Requirements

Personnel assigned to the Defense Logistics Agency (DLA) Cyber Emergency Response Team (CERT) must meet the following requirements:

• Active DoD Top Secret Clearance

• IT-I Critical Sensitive security clearance or Tier 5 (T5) at the time of proposal submission

• Personnel assigned as DLA CERT Analysts must maintain a CSSP Analyst certification

Company Overview

Founded in 1996, Horizon Industries Limited (Horizon) has grown into a team of highly qualified professionals providing full-cycle IT consulting and management support to both public and private sector clients.

Horizon fosters a culture that promotes work-life balance and offers a comprehensive benefits package, including:

• Medical, dental, vision, and disability insurance

• 401(k) retirement plan with 100% vesting from day one and employer matching after 90 days

• Educational Assistance Program

• Student Loan Repayment Program

• Gym Reimbursement Program

Equal Employment Opportunity

Horizon Industries Limited is an Equal Employment Opportunity (EEO) employer. All qualified applicants will receive consideration for employment without regard to sex, race, color, creed, religion, national origin, sexual orientation, marital status, age, disability, veteran status, alienage, ancestry, citizenship status, or any other factor protected by law.

EOE / M / F / Vet / Disabled