SME Cybersecurity Engineer

GovCIO is currently hiring for a SME Cybersecurity Engineer to support cybersecurity, compliance, and risk management activities supporting the U.S. Coast Guard (USCG). This role provides high-level engineering, technical leadership, and strategic guidance to maintain federal security standards, manage vulnerabilities, and ensure mission-critical systems achieve and retain authorization. This position will be located in Alexandria, VA, and will be a hybrid position.

As an SME Cybersecurity Engineer, you will serve as a principal technical authority for the cybersecurity posture, compliance framework, and risk management initiatives. Core responsibilities include:

• Lead the drafting and maintenance of comprehensive Authority to Operate (ATO) packages and documentation in alignment with federal guidelines.
• Provide expert guidance in the selection, tailoring, and implementation of complex security controls applicable to the system environment.
• Identify, select, and oversee the application of appropriate Defense Information Systems Agency (DISA) Security Technical Implementation Guide (STIG) Checklists.
• Create, manage, and actively monitor Plan of Action and Milestones (POA&Ms) to ensure swift remediation of enterprise security gaps.
• Lead and conduct thorough Privacy Threshold Analysis (PTA) to ensure federal data privacy compliance.
• Actively monitor Assured Compliance Assessment Solution (ACAS) scans and collaborate with technical infrastructure teams to remediate identified vulnerabilities.
• Direct and document regular Contingency Plan (CP) testing to ensure operational resilience and disaster recovery readiness.
• Support change management processes by overseeing the accurate completion and routing of all required engineering paperwork.
• Facilitate Cybersecurity Service Provider (CSSP) onboarding processes to align with organizational defense-in-depth strategies.
• Engage, coordinate, and maintain strategic communication with various departments within Coast Guard Cyber Command (CGCYBER).
• Respond accurately and promptly to Cyber Operational Readiness Assessment (CORA) and broader CGCYBER data calls.
• Provide all requested technical security documentation to the primary Information Systems Security Officer (ISSO) to support overarching compliance.

High School with 12+ years (or commensurate experience)

Required Skills & Experience

• Certifications: DoD 8570.01-M IAM Level I Certification (e.g., Security+ CE, CAP, GSLC, or equivalent).
• Demonstrated practical user experience with Assured Compliance Assessment Solution (ACAS) for federal vulnerability scanning.
• Hands-on experience utilizing Security Information and Event Management (SIEM) systems for analyzing security alerts and system logs.
• Familiarity with Extended Detection and Response (XDR) platforms for endpoint and network threat detection.
• Direct user experience navigating the Enterprise Mission Assurance Support Service (eMASS) for IT security compliance and risk management.
• Proven understanding of the Risk Management Framework (RMF) process and federal system hardening procedures.

Clearance Level: Must have an active Secret clearance  

Preferred Skills & Experience

• Experience supporting U.S. Coast Guard (USCG) or Department of Homeland Security (DHS) cybersecurity programs.
• Advanced baseline cybersecurity certifications such as IAM Level II/III credentials (e.g., CISSP, CISM, or CASP+).
• Prior experience participating directly in formal federal security audits or Cyber Operational Readiness Assessments (CORA).
• Familiarity with automation tools or dashboards used to track and report vulnerability remediation progress.s.