Cyber Security SME

9th-Way Solutions
$96K — $162K *
US-Anywhere
Remote in United States
Information Technology
8 - 10 years of experience
Job Overview by Ladders

Qualifications

  • Master's degree in Cybersecurity, IT, Computer Science, Engineering, or related field (relevant experience may substitute for degree)
  • 10+ years of cybersecurity experience, particularly with enterprise-level security programs
  • Experience advising senior leaders and technical teams on cybersecurity risk and defense strategies
  • Strong knowledge of cybersecurity architecture, security engineering, and continuous monitoring
  • Familiarity with frameworks such as NIST, FISMA, FedRAMP, CMMC, and ISO 27001
  • Proficiency with security tools like Splunk, Microsoft Sentinel, and Palo Alto
  • Possess at least one relevant cybersecurity certification (e.g., CISSP, GIAC)

Responsibilities

  • Provide expert cybersecurity guidance across various enterprise systems and environments.
  • Lead development of innovative cyber defense strategies to enhance detection, prevention, and response capabilities.
  • Assess current cyber defense posture and recommend scalable improvements based on mission and regulatory requirements.
  • Design layered defense models, including Zero Trust principles such as identity-based security and secure cloud controls.
  • Evaluate emerging cybersecurity technologies for operational value and risk mitigation.
  • Support the creation of cybersecurity roadmaps and modernization strategies to adapt to evolving threats.
  • Advise leadership on cyber risks, threat trends, and investment priorities.

Benefits

  • Comprehensive medical, dental, and vision insurance
  • 401(k) retirement plan with employer match
  • Paid time off (PTO) and paid holidays
  • Access to Employee Assistance Program (EAP) and traveling assistance resources
  • Flexible spending account (FSA) and health savings account (HSA) options
Full Job Description
Position Overview

The Cyber Security Subject Matter Expert serves as a senior technical advisor responsible for guiding the design, implementation, modernization, and continuous improvement of enterprise cyber defense capabilities. This role provides expert-level support across cybersecurity strategy, architecture, operations, risk management, compliance, incident response, and emerging technology adoption. The Cyber Security SME will place strong emphasis on innovative approaches to implementing cyber defenses, ensuring the organization is not only compliant with security requirements but also forward-looking, adaptive, and resilient against evolving threats.

Responsibilities
  • Provide expert cybersecurity guidance across enterprise systems, cloud environments, applications, networks, and mission platforms.
  • Lead the development and implementation of innovative cyber defense strategies that improve detection, prevention, response, and recovery capabilities.
  • Assess current cyber defense posture and recommend practical, scalable improvements aligned with mission, business, and regulatory requirements.
  • Design and support implementation of layered defense models, including Zero Trust, endpoint protection, identity-based security, network segmentation, encryption, threat monitoring, and secure cloud controls.
  • Evaluate emerging cybersecurity technologies, tools, and methodologies to determine applicability, maturity, risk, and operational value.
  • Support development of cybersecurity roadmaps, implementation plans, maturity models, and modernization strategies.
  • Advise leadership on cyber risk, threat trends, security gaps, mitigation strategies, and investment priorities.
  • Collaborate with technical teams, program managers, architects, engineers, system owners, and business stakeholders to integrate security into planning, development, operations, and sustainment activities.
  • Support security assessments, risk assessments, authorization activities, audits, and compliance reviews.
  • Provide expertise in federal cybersecurity frameworks and standards, including NIST, RMF, FISMA, FedRAMP, CMMC, CIS Controls, and Zero Trust guidance.
  • Recommend automation, analytics, artificial intelligence, machine learning, and security orchestration approaches to improve cyber defense effectiveness.
  • Support incident response planning, tabletop exercises, root cause analysis, and lessons-learned activities.
  • Develop cybersecurity policies, procedures, playbooks, technical guidance, briefings, and executive-level decision materials.
  • Mentor junior and mid-level cybersecurity staff and promote knowledge sharing across technical teams.
  • Identify opportunities to reduce risk, improve efficiency, strengthen resilience, and advance the organization's cyber maturity.
  • This position may perform other duties as assigned. The responsibilities listed above are representative and not intended to be all-inclusive.

Innovation-Focused Cyber Defense Responsibilities
  • Develop creative, mission-aligned approaches to implementing cybersecurity controls without unnecessarily slowing business operations.
  • Promote proactive defense concepts such as threat-informed defense, continuous monitoring, attack surface reduction, deception technology, behavioral analytics, and purple-team collaboration.
  • Recommend ways to use automation and orchestration to reduce manual cyber response actions and improve response time.
  • Integrate cyber threat intelligence into defensive planning, vulnerability prioritization, and operational decision-making.
  • Identify opportunities to improve security through secure-by-design, privacy-by-design, and resilience-by-design principles.
  • Support pilot programs, proofs of concept, and technology evaluations for new cyber defense capabilities.
  • Translate emerging cyber risks into actionable defense strategies that are understandable to both technical and non-technical stakeholders.


Requirements
  • Master's degree in Cybersecurity, Information Technology, Computer Science, Engineering, or related field. Additional relevant experience may be considered in lieu of degree.
  • 10+ years of cybersecurity experience, including experience supporting enterprise-level security programs.
  • Demonstrated experience advising senior leaders, program managers, and technical teams on cybersecurity risk and defense strategies.
  • Strong knowledge of cybersecurity architecture, security engineering, vulnerability management, incident response, identity and access management, cloud security, and continuous monitoring.
  • Experience implementing or advising on cybersecurity frameworks such as NIST 800-53, NIST 800-37, NIST 800-207, FISMA, FedRAMP, CMMC, CIS Controls, or ISO 27001.
  • Experience developing cybersecurity strategies, roadmaps, risk assessments, policies, procedures, and executive briefings.
  • Experience with tools such as Splunk, Microsoft Sentinel, Tenable, Qualys, CrowdStrike, Palo Alto, ServiceNow GRC/IRM, Security Hub, Azure Security Center/Microsoft Defender for Cloud, or similar platforms
  • Ability to evaluate technical risks and translate them into business or mission impacts.
  • Strong written and verbal communication skills.
  • Ability to work across multiple teams and influence decisions without direct authority.
  • Possess and maintain at least one of the below certifications:
  • CISSP
  • GIAC Certified Detection Analyst
  • GIAC Certified Forensic Analyst
  • GIAC Certified Intrusion Analyst
  • GIAC Network Forensic Analyst
  • GIAC Penetration Tester (GPEN)
  • GIAC Reverse Engineering Malware (GREM)
  • GIAC Security Expert (GSE)
  • ISC2 Certified Information System Security

Preferred / Desired
  • Experience with Zero Trust architecture, cloud security, DevSecOps, security automation, cyber analytics, SIEM/SOAR, and threat-informed defense.
  • Experience supporting Authority to Operate, RMF packages, security control assessments, POA&Ms, and continuous monitoring.
  • Experience leading cyber modernization initiatives or enterprise security transformation efforts.
  • Familiarity with AI-enabled cybersecurity, machine learning-based detection, automated response, and advanced threat analytics

Location

This position is remote with periodic travel based upon customer, business development, and operational requirements. Occasional travel to headquarters in Ashburn, Virginia and customer locations is expected.

Salary Range

$96,370-$162,454 USD

9th Way Insignia's range for this job level is a general guideline only and not a guarantee of compensation or salary. Additional factors considered in extending an offer include (but are not limited to) responsibilities of the job, education, experience, knowledge, skills, and abilities, as well as internal equity, alignment with market data, applicable bargaining agreement (if any), or other law.

Clearance/Background Investigation
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

Benefits
Eligible employees will have access to our comprehensive benefits package which includes Medical, Dental, Vision, Voluntary Life Insurance, 401(k), Basic Life A&D, STD, LTD, PTO, Telehealth, paid holidays, FSA, HSA. Additional resources include our Employee Assistance Program (EAP) and Traveling Assistance.
