Cybersecurity SME - Cyber Defense Operations

Job Title: Cybersecurity Subject Matter Expert (SME) – Cyber Defense Operations

Department: Information Security / Cyber Operations

Reports To: RSekure Program Manager

Location: Chantilly, VA

Schedule: Monday – Friday

Hours: Full-time, 40-hours/week

Clearance Req: TS/SCI – Full-Scope Polygraph

FLSA Status: Salaried, exempt

Position Summary

RSekure is seeking a highly skilled Cybersecurity Subject Matter Expert (SME) to join our Cyber Defense Operations team in Chantilly, VA. The ideal candidate will possess a strong blend of offensive and defensive cybersecurity expertise, demonstrating proficiency in understanding, conducting, and defending against sophisticated cyber threats. This role requires hands-on experience in ethical hacking, penetration testing, and incident response, and will contribute significantly to our organization's cyber resilience and security posture.

Essential Duties and Responsibilities

• Threat Detection & Monitoring:
  Design, implement, and optimize security monitoring solutions to detect advanced persistent threats (APTs), malware, and other cyberattacks.
• Incident Response & Management:
  Lead and participate in cyber incident response activities, including investigation, containment, eradication, and recovery. Develop and refine incident response playbooks and procedures.
• Vulnerability Management & Penetration Testing:
  Conduct comprehensive vulnerability assessments and penetration tests (e.g., network, web application, cloud, API) to identify and prioritize security weaknesses. Simulate real-world attack scenarios to evaluate the effectiveness of existing controls.
• Security Architecture & Engineering:
  Provide expert guidance on secure system design and implementation. Recommend and implement security controls, tools, and technologies to enhance defensive capabilities.
• Threat Intelligence:
  Stay abreast of the latest cybersecurity threats, vulnerabilities, and attack techniques. Integrate threat intelligence into defensive strategies and proactive measures.
• Security Operations Center (SOC) Support:
  Collaborate with and provide mentorship to SOC analysts, enhancing their capabilities in threat hunting, analysis, and response.
• Policy & Procedure Development:
  Contribute to the development and refinement of cybersecurity policies, standards, and procedures.
• Training & Awareness:
  Educate internal teams on cybersecurity best practices, emerging threats, and secure coding principles. Lay groundwork and grow Cybersecurity practice.
• Documentation:
  Maintain accurate and detailed documentation of security incidents, vulnerabilities, and mitigation strategies.
• Enter the actual time worked, once complete, at the end of the day, or no later than 10:00 a.m. the following workday, and submit timesheets at the end of each pay period.
• Monitor RSekure email on a regular basis, at least 2 times per week, and respond accordingly.
• Complete required compliance training as assigned.
• Other duties as assigned.

Qualifications, Knowledge, and Critical Skills

• Demonstrated experience with common offensive security tools and methodologies (e.g., Metasploit, Nmap, Burp Suite, Cobalt Strike).
• Strong understanding of network protocols, operation systems (Windows, Linux), and cloud environments (AWS, Azure, GCP).
• Experience with security information and event management (SIEM) systems (e.g., Splunk, QRadar, Elastic Stack).
• Proficiency in scripting languages (e.g., Python, Power Shell, Bash) for automation and analysis.
• Familiarity with various attack vectors, exploitation techniques, and defensive countermeasures.

Education and Work Experience

• Bachelor's degree in Computer Science, Cybersecurity, Information Technology, or a related field.
• Minimum of 5+ years of progressive experience in either offensive (e.g., penetration testing, red teaming, ethical hacking) or defensive (e.g., security operations, incident response, threat hunting) cyber operations.

Desired Certifications and Licenses

• Offensive Security Certified Professional (OSCP)
• GIAC Certifications (e.g., GCIH, GCFA, GPEN, GWAPT, GSEC)
• Certified Ethical Hacker (CEH)
• Black Hat Certified Pentester (BCPen)
• Compt
  
  TIA CySA+, Pen Test+
• (ISC)2 CISSP, CSSLP

Special Requirements

• TS/SCI clearance with a Full-Scope polygraph.

Work Environment

Employee will be working indoors in an office environment with other people. Typical indoor and computer related noise level, and typical office, paper, and equipment related dust. Exposure to video display terminals occurs on a regular basis.

Physical Demands

To successfully perform the essential functions of the job, the employee needs to be able to sit at a workstation for extended periods; use hand(s) to handle or feel objects, tools, or controls; reach with hands and arms; talk and hear; see to read printed materials and computer screens; mobility to work in a typical office setting. The ability to stand, walk, squat, bend, kneel, stoop, and climb will be required for this position.

Ability to work on desktop or laptop computer for extended periods of time reading,…