Subject Matter Expert (SME) Cybersecurity Consultant – Control Testing jobs in United States

Rapid Strategy · 5 months ago

Subject Matter Expert (SME) Cybersecurity Consultant – Control Testing

Rapid Strategy is seeking a Subject Matter Expert (SME) Cybersecurity Consultant to lead control testing efforts for federal and critical industry clients. The role involves conducting comprehensive cybersecurity control assessments, providing guidance to assessment teams, and ensuring compliance with federal regulations.

Advice · Cloud Security · Cyber Security · Security
No H1B · U.S. Citizen Only

Responsibilities

Lead and perform comprehensive cybersecurity control assessments in accordance with NIST 800-53 v5, NIST 800-37, and FISMA requirements
Serve as the subject matter expert (SME) for control testing methodologies, providing guidance and mentorship to assessment teams
Review and validate control implementation and effectiveness, ensuring compliance with federal regulations and organizational policies
Develop and deliver key artifacts, including System Security Plans (SSPs), Security Assessment Reports (SARs), and Plan of Action and Milestones (POA&Ms)
Analyze security documentation, configurations, and evidence to assess compliance with security and privacy controls
Collaborate with cross-functional teams, including IT, security, and audit teams, to identify, document, and mitigate risks
Provide technical expertise in the implementation of the Risk Management Framework (RMF) process, supporting system authorization and accreditation
Assist in the preparation for audits, inspections, and other regulatory assessments, ensuring successful outcomes
Stay informed about evolving federal cybersecurity regulations, standards, and threats to provide proactive recommendations
Communicate assessment findings and recommendations effectively to both technical and non-technical stakeholders, including senior leadership and government clients

Qualification

NIST 800-53 · NIST 800-37 · FISMA · Risk Management Framework · Control assessments · Security artifacts development · Analytical skills · Cybersecurity tools familiarity · Certifications CISSP · Certifications CAP · Certifications CISM · Certifications CRISC · Communication skills

Required

MUST BE A U.S. CITIZEN
10+ years of experience in cybersecurity, with a strong focus on control testing and compliance in federal environments
In-depth knowledge of NIST 800-53 v5, NIST 800-37, and FISMA frameworks and requirements
Proven expertise in conducting control assessments, documenting findings, and developing remediation plans
Strong understanding of the Risk Management Framework (RMF) process and its application to federal systems
Experience in developing security artifacts, including SSPs, SARs, and POA&Ms
Exceptional analytical skills, with the ability to assess complex systems and identify compliance gaps
Excellent verbal and written communication skills, with experience briefing senior executives and federal clients
Bachelor's degree in Cybersecurity, Information Technology, or a related field

Preferred

Certifications such as CISSP, CAP, CISM, or CRISC
Experience in privacy control assessments and integrating privacy requirements into security programs
Familiarity with cybersecurity tools and technologies used for testing and validation

Company

Rapid Strategy

Rapid Strategy specializes in cybersecurity services, focusing on risk mitigation and rapid solution delivery.

Funding

Current Stage
Early Stage

Leadership Team

Ron Meeting
Chief Executive Officer
Jesse Rhee
Chief Operating Officer
Company data provided by Crunchbase