Zero Trust; Zt Data Subject Matter Expert

ZERO TRUST (ZT) DATA SUBJECT MATTER EXPERT POSITION OVERVIEW

The Zero Trust Data Subject Matter Expert (ZT Data SME) exists to provide senior‑level advisory expertise in assessing, analyzing, and advancing the agency’s enterprise data security and data governance posture in alignment with Zero Trust Architecture (ZTA) principles. This role serves as the program’s authoritative advisory voice on the Data pillar of the CISA Zero Trust Maturity Model v2.0 (ZTMM v2.0), translating federal ZT mandates, including OMB M-22-09, EO 14028, and NIST SP 800-207, into recommended data classification, data access control, and data governance frameworks for agency consideration and concurrence.

All advisory products produced by this position are subject to TSA review and concurrence prior to any agency action.

• Provide senior advisory guidance on the assessment and advancement of the agency’s enterprise data classification, data governance, and data access control posture in support of Zero Trust Architecture implementation.
• Continuously monitor the federal ZT policy and regulatory landscape, including EOs, OMB memoranda, NIST publications, CISA guidance, and NSA Zero Trust Implementation Guidelines (ZIGs), as they relate to data‑layer security requirements; develop recommended updates to program advisory positions for leadership review.
• Conduct comprehensive gap analyses of existing agency data classification schemas, data access policy frameworks, and data lifecycle governance practices against CISA ZTMM v2.0 Data pillar criteria; develop recommended enhancement approaches for agency concurrence.
• Provide advisory support for the development and continuous maturation of the agency’s ZT Common Control Catalog, with specific focus on data‑layer control mappings to NIST SP 800‑53 Rev. 5 control families and CISA ZTMM v2.0 Data pillar maturity indicators.
• Develop recommended updates to the ZT Roadmap and Implementation Plan, incorporating data pillar maturity advancement priorities and data governance enhancement recommendations for agency review.
• Apply real‑time analysis of data access telemetry, CDM data‑layer indicators, and behavioral risk signals to proactively surface emerging data exposure vectors and recommend advisory responses for agency consideration.
• Collaborate with cross‑functional ZT pillar SMEs to validate data policy outcomes and provide recommended approaches ensuring data layer integration across Identity, Devices, Networks, and Applications & Workloads pillar assessments.
• Support all internal and external ZT data calls, requests, audits, and compliance updates related to the Data pillar; ensure recommended responses align with CISA ZTMM v2.0 criteria and applicable federal mandates.
• Develop recommended new and revised data governance policy documents and data security SOPs; all final documentation requires TSA concurrence prior to issuance.
• Provide senior advisory support to ZT leadership on data pillar planning, scheduling, solution development, reporting, and integration activities as directed by the ZT SME Team Leader.
• Leverage AI‑assisted analysis tools, automation platforms, and prompt engineering techniques to enhance the efficiency, depth, and quality of data pillar advisory assessments and deliverables.

• Expert‑level mastery of CISA ZTMM v2.0 Data pillar maturity criteria with demonstrated ability to conduct authoritative gap assessments and recommend targeted advancement strategies.
• Authoritative knowledge of federal data security mandates including OMB M‑22‑09, EO 14028, NIST SP 800‑207, NIST SP 800‑53 Rev. 5, and applicable FISMA requirements as they relate to data classification, data access, and data lifecycle governance.
• Demonstrated capability to lead enterprise‑scale data classification and data governance assessment efforts in a federal environment; ability to translate policy requirements into operationally actionable recommended frameworks.
• Expert‑level proficiency in data‑layer ZT control assessment, including attribute‑based access control…