Zero Trust Cybersecurity-SME (Expert) 2067
Company: Compass
Location: Springfield
Posted on: April 1, 2026
|
|
|
Job Description:
Compass is looking for a motivated individual to provide
operational services primarily to the Intelligence Community (IC),
the Department of War (DoW), and Federal communities. Our goal is
to hire talented and passionate team members who desire to grow
their skillsets, as well as the reputation of the company with our
partners, clients, and stakeholders. We are looking for an
individual to join an innovative team supporting mission
critical/mission essential activities. Position: Zero Trust
Cybersecurity-SME Expert 2067 Location: Springfield, VA Clearance
Required: Active Top Secret/SCI Position Description The Subject
Matter Expert (SME) provides extremely high-level subject matter
expertise for work in support of IC and DoD Cybersecurity
requirements, specifications, certifications, and regulations to
include but not limited to facets such as Zero-Trust (ZT),
Identity, Credential, and Access Management (ICAM), Privileged
Access Management (PAM), and Public-Key Infrastructure (PKI). The
SME provides advanced technical knowledge and analysis of highly
specialized applications and operational environments, high-level
functional systems analysis, design, integration, documentation,
training, and implementation advice on complex, sometimes esoteric
problems which require detailed, in-depth knowledge of the subject
matter for effective oversight. The SME understands the multiple
facets of cybersecurity requirements and applies sound principles,
methods, and techniques to provide recommendations that ensure
optimal security and performance. The SME designs and prepares
technical reports, studies, and related documentation, makes charts
and graphs to record metrics and analytics, prepares and delivers
presentations, training, and briefings as required by the
Enterprise Cybersecurity Division. Key Duties Assess the current
architecture of existing NGA Program/Activities and design the
appropriate cloud architecture for those activities. Once the
appropriate architecture has been established, work with government
and contractor personnel supporting the migrating activity to
transition them into the appropriate cloud environment. Facilitate
Agency implementation of multiple facets of the seven ZT pillars
such as the Identity, Credential and Access Management (ICAM) Zero
Trust Architecture (ZTA) Cloud Modernization by developing
multi-cloud ICAM strategies and architectures and recommending NGA
portfolio and program technical acquisition strategies that align
with IC/DoD Identity and Access Management (IdAM) policies and
directives. Analyze IdAM capabilities to develop recommendations
for senior level decision makers on NGA’s IdAM multi-cloud/ZTA
capabilities and those of other IC and DoD partners. Develop
recommended courses of action for NGA senior leadership with
options for IC Information Technology Enterprise (ITE)
Identification Authentication Authorization (IAA) and Department of
War (DoW) adoption and transition of Agency Enterprise services
when applicable. Collaborate across agencies (inter-agency) and
across NGA (intra-agency) to analyze cybersecurity vulnerabilities
to develop recommendations for senior leadership on matters of
cybersecurity inter-dependencies, requirements, risks, threats, and
prioritized courses of action. Track requirements and devise
processes in support of Privileged Access Management (PAM) to
verify proper elevated users are monitored for anomalies across
multi-cloud environments, and research strong multifactor
authentication technologies for multi-cloud environments. Identify,
prioritize, and resource-plan a phased approach for a zero-trust
architecture to verify that both, Non-Person Entities (NPEs) and
Person-Entities (PEs) have a verified identity (Authentication
-AuthN), reducing the threat of cyber-attacks. Evaluate test plans,
observe tests, and monitor test results for functional requirements
developed for cybersecurity and ZT capability Integration
associated with migration activities to demonstrate to the NGA
Program Management Office (PMO) that the migrated activity performs
all intended cybersecurity functions, introduce low risk, and
require minimal resources for adoption. Analyze migration
activities to develop a description of the migrated activity
including the hardware, software, cloud resources, interfaces,
data, and security architecture. Perform security testing IAW the
NGA cloud security guidance and processes and analyze testing and
assist with development of documentation that demonstrates the
migrated activity complies with all required security requirements.
Required Mandatory Qualifications At least 12 years of demonstrated
expertise in managing cybersecurity practices in an IC or DoW
Agency with an understanding of the government’s approach for the
Zero Trust framework and Identity, Credential and Access Management
(ICAM). Familiarity at the Subject Matter Expert level for program
technical acquisition strategies that align with IC/DoD
Cybersecurity and ZTA, pillars, policies, and directives.
Understanding of information and application security concepts,
mechanisms, practices, and tools. Ability to translate business
requirements into cloud solutions. Relies on extensive experience
and judgment to plan and accomplish goals and independently perform
a wide variety of complicated tasks. Excellent oral communication,
persuasion, and relationship skills; strong problem identification
and problem-solving skills. Strong writing skills that lead to
clear, concise, and unambiguous technical and non-technical
documentation. Microsoft Office skills May provide consultation on
complex projects and is a top-level contributor/specialist. May
lead and direct the work of others. May report to an executive or
director. Education BA/BS or higher degree, or related experience
in a business, STEM or IT field. Desired Experience
Certification(s) in Secure , Certified Information Systems Security
Professional (CISSP), Certified Information Security Manager
(CISM), Certified Ethical Hacker (CEH), Project Management
Professional (PMP), Scaled Agile Framework (SAFe), Information
Technology Infrastructure Library (ITIL) certification. Extensive
understanding of cybersecurity vulnerabilities and emerging
technologies in end-user computing, collaboration tools, and AI/ML.
Knowledge of Artificial Intelligence and Machine Learning (AI/ML)
modeling for risk analysis. Familiarity with Identity Threat
Detection and Response (ITDR) and User and Entity Behavior
Analytics (UEBA). In-depth knowledge of Enterprise Cybersecurity
principles such as privileged users, Public Key Infrastructure and
Post-Quantum Cryptography (PQC). Familiarity with IC and DoW ICAM
Cybersecurity concepts, systems and services, such as attribute and
policy federation, multi-factor authentication, Denied, Degraded,
Intermittent, and Limited (DDIL) solutions, and multi-domain
requirements. Experience supporting intra- and inter-agency senior
leadership and working groups. Familiarity with risk and schedule
management and mitigation. Compass, Inc. (Compass) is a Small
Business (SB) headquartered in Winchester, VA as a Defense and
Intelligence solutions provider to the United States Government. We
provide Systems Engineering and Technical Assistance (SETA),
Advisory and Assistance Services (A&AS), and Systems
Engineering and Integration (SE&I) to our government and
business partner customers. As a premier Defense and Intelligence
solution provider, we employee a diverse, agile, highly trained and
extremely talented staff. Equal Opportunity Employer
Veterans/Disabled
Keywords: Compass, Tuckahoe , Zero Trust Cybersecurity-SME (Expert) 2067, IT / Software / Systems , Springfield, Virginia
