Assess and implement Zero Trust principles and architectures within the Risk Management Framework (RMF) process to enhance security across digital assets.
Integrate Zero Trust controls into system designs, configurations, and operational workflows.
Collaborate with Information System Security Officers (ISSO), Information System Security Managers (ISSM), Supply Chain Risk Management (SCRM), and other cross-functional teams to strengthen the Zero Trust framework.
Conduct risk assessments to identify vulnerabilities and recommend mitigation strategies.
Generate, prepare, store, and maintain cybersecurity Body-of-Evidence (BOE) results to support the DoD RMF cybersecurity authorization process.
Define and maintain BOE requirements for the System.
Collect and organize BOE results generated by the software team as part of the DevSecOps process.
Publish, organize, and maintain BOE results in a Government-approved system (e.g., eMASS or Xacta).
Develop and deliver training and awareness programs on Zero Trust principles and cybersecurity best practices.
Stay current with emerging threats and cybersecurity trends to continuously improve security posture.
Prepare and present reports on security assessments and compliance status to stakeholders.

Bachelor’s degree or higher from an accredited college or university, or equivalent offerings listed in the DoD 8140 Training Repository, or possess GCFA or GCIA certification.
Minimum of 5 years of experience in cybersecurity, with a focus on Zero Trust architectures and RMF processes.
Active Top Secret clearance.
Proven experience in managing and leading teams, with a track record of successful project delivery.
Strong understanding of cybersecurity frameworks and compliance requirements.
Excellent communication and interpersonal skills to collaborate effectively with cross-functional teams.

Lead SME – Zero Trust Cyber Security Analyst

Key skills