Foxhole Technology ยท 3 weeks ago
Cybersecurity Automation Subject Matter Expert (SME)
US-DC
Full-time
Hybrid
Senior Level, Lead/Staff
$185K/yr - $205K/yr
15+ years expFoxhole Technology provides robust cybersecurity and IT support capabilities for federal civilian and defense agencies. They are seeking a Cybersecurity Automation Subject Matter Expert to modernize and streamline cybersecurity compliance through automated solutions.
Information Technology
No H1B
Security Clearance RequiredU.S. Citizen Only
Responsibilities
Provide subject matter expertise in the development and deployment of automated RMF security control assessment, informing authorization, and continuous monitoring processes
Develop, integrate, and maintain automated workflows for evidence collection, control validation, and reporting
Leverage scripting, orchestration, and DevSecOps pipelines to embed compliance and security checks
Collaborate with cybersecurity engineers, assessors, system owners, and other stakeholders to align automation solutions with mission needs
Integrate automated testing tools (e.g., vulnerability scanners, configuration management tools) into RMF packages
Provide subject matter expertise on leveraging OSCAL (Open Security Controls Assessment Language) and other machine-readable compliance frameworks
Deliver training, documentation, and guidance to program teams on automated RMF practices
Stay current and provide feedback and recommendations on DoD cybersecurity policies, NIST updates, and emerging compliance automation technologies
Qualification
Required
TS/SCI security clearance required
Bachelor's degree in Cybersecurity, Information Systems, Computer Science, or related field
15+ years of experience in DoD cybersecurity compliance, assessment, or risk management
Hands-on expertise with RMF processes, NIST SP 800-53 Rev. 5 controls, and DoD RMF [DoDI 8510.01]
Experience developing automation solutions using Python, PowerShell, Ansible, or similar scripting/orchestration tools
Familiarity with continuous monitoring and automated compliance reporting
DoD 8570.01-M certification (e.g., CISSP, CAP, Security+ CE)
Ability to work on-site 1-4 days a week
Provide subject matter expertise in the development and deployment of automated RMF security control assessment, informing authorization, and continuous monitoring processes
Develop, integrate, and maintain automated workflows for evidence collection, control validation, and reporting
Leverage scripting, orchestration, and DevSecOps pipelines to embed compliance and security checks
Collaborate with cybersecurity engineers, assessors, system owners, and other stakeholders to align automation solutions with mission needs
Integrate automated testing tools (e.g., vulnerability scanners, configuration management tools) into RMF packages
Provide subject matter expertise on leveraging OSCAL (Open Security Controls Assessment Language) and other machine-readable compliance frameworks
Deliver training, documentation, and guidance to program teams on automated RMF practices
Stay current and provide feedback and recommendations on DoD cybersecurity policies, NIST updates, and emerging compliance automation technologies
Preferred
Experience with Governance, Risk, and Compliance (GRC tools) (e.g., eMASS, Archer, Xacta) and their automation/integration
Knowledge of OSCAL and machine-readable RMF artifacts
Experience with DevSecOps pipelines, CI/CD, and Infrastructure as Code (IaC)
Background in vulnerability management, STIG compliance, or automated security testing
Benefits
Health, dental, and vision care
Paid leave
Retirement plans (401K, Roth, and ESOP)
Life and disability insurance
Flexible spending accounts
Education and training assistance
Company
Foxhole Technology
Foxhole Technology is an information technology company that offers cloud computing solutions.
51-200 employees
Funding
Current Stage
Growth StageLeadership Team
Wes Hester
CEO
Company data provided by crunchbase