Cyber Assessment and Authorization Subject Matter Expert

About Enterprise Solutions and Management (ESM)

Enterprise Solutions and Management (ESM) is a rapidly growing government contractor that provides strategic IT services that meet mission needs for Defense and Federal customers. We are hiring a Cyber Assessment and Authorization Subject Matter Expert for an exciting opportunity.

Job Description and Responsibilities

• Provides expert support, research, and analysis of exceptionally complex problems and associated processes, serving as a technical authority for the Cybersecurity Assessment Program by offering direction, interpretation, and alternative solutions to challenging issues.
• Operates independently with exceptional written and verbal communication skills, applying advanced technical principles, theories, and concepts while contributing to the development of new methodologies and innovations.
• Tackles highly complex technical problems with ingenuity, delivering creative and effective solutions, and recommends cybersecurity software tools while supporting the development of tool requirements, selection criteria, and product-specific STIGs derived from applicable DISA SRGs.
• Works under consultative direction toward long-range goals and objectives, often initiating assignments independently and determining the necessary courses of action to achieve desired outcomes.
• Develops advanced technological concepts and supports their maturation into finalized products, including contributions to the SP4709-26-Q-4007 Contingency and Adaptive Planning Software Integration System (CAPSIS) IT Support initiative.

Required Knowledge, Skills and Abilities (KSA)

• Conduct CCRI, vulnerability assessments, and penetration testing across networks, databases, applications, and IT systems
• Analyze and resolve cybersecurity issues using strong problem-solving and analytical skills
• Configure and implement secure network architectures and components
• Hold CCRI certification in at least one domain (e.g., OS, boundary/internal defense, DNS, HBSS, wireless, or traditional security)
• Apply DoD security regulations, DISA STIGs, SCAP, and RMF frameworks
• Utilize cybersecurity tools and technologies (e.g., NESSUS, SCCM, VULNERATOR) and assess web, database, email, wireless, and physical security systems

Desired KSA

• Be a positive, self-motivated, and proactive person with the ability to adapt to change and tolerate stressful situations
• Candidate must communicate effectively with team members, team lead, management, and government customer
• Must have the ability and desire to research and develop creative solutions to unique problems with minimal supervision

Minimum Training, Education, and Certifications

• Seven (7) years of IT experience
• Five (5) years of Cybersecurity Experience
• DISA FSO certified CCRI Team Lead
• Certification in penetration testing, such as:
  • Licensed Penetration Tester (LPT)
  • Certified Expert Penetration Tester (CEPT)
  • Certified Ethical Hacker (CEH)
  • Global Information Assurance Certification Penetration Tester (GPEN)
• Tenable Certified NESSUS Auditor

Minimum Clearance

• Secret

Physical Requirements

• Required to stand, walk and sit; communicate verbally both in person and by telephone; use hands to finger, handle or feel objects or controls; reach with hands and arms. Regularly required to stoop, kneel, bend, crouch and lift up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, color vision and the ability to adjust focus.
• Physical demands associated with this position include extensive walking (including stairs) throughout offices and between buildings. May require use of public transportation, personal or Government vehicle to drive to local and/or remote office locations.

Additional Requirements

• Other duties as assigned

ESM provides equal employment opportunity to all individuals regardless of race, color, creed, religion, gender, age, sexual orientation, national origin or ancestry, disability, genetic information, veteran status, gender identification or any other characteristic protected by state, federal or local law.