Cybersecurity Subject Matter Expert Lead

Overview

Please note that this position is contingent upon the successful award of a contract currently under bid.

Global in service but local in approach, Nisga'a Tek is committed to high-quality service to those who defend us. Nisga'a Tek ensures mission assurance and execution for customers and warfighters. Providing intelligence, IT, cyber security, training, logistics, administrative, acquisition, and background investigation services.

The Cybersecurity Subject Matter Expert Lead provides expert support, research and analysis of exceptionally complex problems, and processes relating to them.

Essential Job Functions:

• Serves as technical expert to the Cybersecurity Assessment Program providing technical direction, interpretation, and alternatives to complex problems.
• Thinks independently and demonstrates exceptional written and oral communications skills.
• Applies advanced technical principles, theories, and concepts.
• Contributes to the development of new principles, concepts, and methodologies.
• Works on unusually complex technical problems and provides highly innovative and ingenious solutions.
• Recommends cybersecurity software tools and assists in the development of software tool requirements and selection criteria to include the development of product specific STIGs from applicable DISA SRGs.
• Works under consultative direction toward predetermined long‑range goals and objectives.
• Assignments are often self‑initiated.
• Determines and pursues courses of action necessary to obtain desired results.
• Develops advanced technological ideas and guides their development into a final product.

Necessary Skills and Knowledge:

• Demonstrated expertise in leading and mentoring teams, providing clear guidance, quality oversight, and technical direction to ensure all cybersecurity artifacts meet DoD standards, organizational expectations, and inspection‑ready quality levels.
• Proven real‑world hands‑on experience preparing enterprise environments for DoD cybersecurity inspections (CCRI, CORA, Blue Team assessments).
• SME level experience in assessing security controls and conducting authorization reviews for large, complex organizations.
• SME level understanding of DoD cybersecurity requirements, including documenting and developing artifacts for STIGs, TCG configuration guides, IAVMs, and Task Orders.
• Oversees end‑to‑end POA&M lifecycle management, ensuring accurate documentation, status tracking, and closure of all remediation actions.
• Exceptional ability to develop, maintain, and validate RMF artifacts and cybersecurity documentation.
• Expert ability to interpret new and evolving DoD cybersecurity documentation, templates, and compliance requirements to develop high‑quality cyber security artifacts even when guidance is incomplete, ambiguous, or inconsistently applied.
• Skilled in analyzing and interpreting cybersecurity guidance from the ISSM/ISSO to produce authoritative system documents such as the SSP, CONOPS, Incident Response Plan, Contingency Plan, Configuration Management Plan, and other required artifacts.
• Proven ability to work independently and collaboratively with minimal oversight.
• Strong research, analytical, and problem solving skills.
• Proficiency with analytical tools such as Microsoft Excel, Access, Power BI, and Power Platforms.
• Ability to generate clear, accurate, and audit‑ready cybersecurity reports, including vulnerability summaries, compliance status updates, and risk findings for technical and leadership audiences.
• Ability to generate detailed analytics and trend reports using data from vulnerability scanners, configuration tools, and security platforms to support decision making and inspection readiness.
• Excellent written and verbal communication skills, including the ability to brief leadership and produce clear documentation.
• Experienced in the general tenets supporting the overall DoD implementation of its authorization process, to include supporting cybersecurity policy, procedures, and processes.
• Knowledgeable in the cybersecurity of emerging technology areas such as Cloud, information technology (IT), Industrial Control Systems (ICSs), or Operational Technology (OT)…