Critical Infrastructure / Physical Security Subject Matter Expert
Position Type: Full-time
Location: Washington, DC Metro preferred; travel required for stakeholder exercises
Clearance / Suitability: Secret preferred; ability to obtain and maintain Secret and DHS suitability required
Travel: Required as directed
Position Summary The Critical Infrastructure / Physical Security SME provides subject matter expertise for infrastructure security, soft targets and crowded places, physical security, threat-based scenarios, vulnerability and consequence considerations, sector-specific risk, and protective measures. The SME ensures CISA exercises are realistic, sector-informed, operationally relevant, and aligned to the needs of public and private critical infrastructure partners.
Essential Duties and Responsibilities - Advise exercise teams on physical security, critical infrastructure risk, soft targets and crowded places, protective measures, threat pathways, sector dependencies, and operational impacts.
- Support scenario development for active threats, natural hazards, terrorism, hostile events, facility disruption, infrastructure failure, cyber/physical convergence, and cascading consequences.
- Develop realistic injects, discussion questions, scenario artifacts, incident reports, evaluation criteria, and capability-focused observations.
- Participate in planning meetings, stakeholder interviews, technical coordination meetings, exercise execution, hotwashes, and AAMs.
- Coordinate with CISA representatives, SLTT partners, law enforcement, emergency management, facility operators, and private-sector owners/operators.
- Support development and update of CTEP materials and sector-specific exercise packages.
- Review exercise products for technical accuracy, risk relevance, operational realism, and appropriate terminology.
- Support evaluation by identifying best practices, capability gaps, risk reduction opportunities, and corrective actions.
- Contribute to fact sheets, briefing papers, analytical products, AARs, CAPs, and program-level trend analysis.
- Maintain awareness of emerging threats and hazards affecting critical infrastructure and public gathering locations.
Required Qualifications - 7+ years of experience in critical infrastructure protection, physical security, law enforcement, antiterrorism, emergency management, risk management, protective security, or public safety.
- Knowledge of critical infrastructure sectors, public/private-sector coordination, vulnerability reduction, protective measures, and consequence management.
- Experience supporting exercises, training, assessments, operational planning, emergency response planning, or infrastructure security programs.
- Ability to communicate technical security concepts to executive, operational, and non-technical audiences.
- Strong writing, facilitation, and stakeholder coordination skills.
Preferred Qualifications - Prior CISA Protective Security Advisor, DHS, FEMA, state homeland security, law enforcement, or private-sector infrastructure security experience.
- Experience with soft targets and crowded places security.
- Familiarity with PCII, CVI, or sensitive infrastructure information handling requirements.
Primary Deliverables / Work Products Supported - Scenario and inject technical inputs
- Critical infrastructure risk and physical security review comments
- Exercise artifact development
- AAR/CAP findings and corrective action inputs
- CTEP and sector package inputs
- Briefing paper and fact sheet inputs