Cybersecurity Assessment and Authorization SME

Enterprise Solutions and Management (ESM) is a rapidly growing government contractor that provides strategic IT services that meet mission needs for Defense and Federal customers. We are hiring a Cybersecurity Assessment and Authorization (A&A) Subject Matter Expert (SME) for an exciting remote opportunity.

Job Description and Responsibilities

Serves as a cybersecurity Subject Matter Expert (SME) for the Assessment and Authorization (A&A) of information systems, ensuring compliance with all applicable cybersecurity policies, standards, and procedures. Executes Department of Defense (DoD) cybersecurity processes, either leading system authorization efforts or providing expert guidance to systems undergoing authorization. Applies in-depth knowledge of NIST SP 800-53 security controls to assess and authorize complex enterprise environments composed of diverse infrastructures, including large and small enclaves, applications, and outsourced IT services. Evaluates identified vulnerabilities, determines their severity, and analyzes their potential impact on system authorization status. Provides clear, concise briefings to senior leadership on Risk Management Framework (RMF) progress, findings, and authorization outcomes, supporting informed decision-making and risk management.

*While this is a remote position, the client stipulates that all candidates must live within 50 miles of one of the following:

Battle Creek, MI

Columbus, OH

Dayton, OH

Ft. Belvoir, VA

New Cumberland, PA

Ogden, UT

Philadelphia, PA

Richmond, VA

Required Knowledge, Skills and Abilities (KSA)

• Demonstrated DoD cybersecurity experience with strong understanding of DoD cybersecurity requirements, policies, procedures, and authorization processes supporting complex enterprise environments.


• Proven experience assessing security controls and conducting authorization reviews for large, complex organizations, including supporting Risk Management Framework (RMF) activities and artifact development.


• Advanced knowledge of cybersecurity documentation and artifacts, including STIGs, technical configuration guides (TCGs), IAVMs, Task Orders, and comprehensive RMF package development, maintenance, and validation.


• Experience identifying, documenting, tracking, and updating POA&M items, including remediation actions, milestone management, and vulnerability resolution to ensure audit readiness and closure.


• Strong analytical, research, and problem-solving skills with proficiency in data analysis and reporting tools such as Microsoft Excel, Access, Power BI, and Power Platform to produce vulnerability, compliance, and risk analytics.


• Excellent communication skills with ability to generate audit-ready cybersecurity reports, deliver briefings to leadership, and support decision-making across emerging technology environments including Cloud, IT, ICS, and OT systems.

Desired KSA

• Be a positive, self-motivated, and proactive person with the ability to adapt to change and tolerate stressful situations


• Candidate must communicate effectively with team members, team lead, management, and government customer


• Must have the ability and desire to research and develop creative solutions to unique problems with minimal supervision

Minimum Training, Education, and Certifications

• Ten (10) years relevant experience with Risk Management Framework (RMF) and NIST A&A


• IAT III or higher certification


• ACAS training module/course completion


• Tanium training module/course completion


• DLA approved Computing Environment certification

Minimum Clearance

• Secret

Physical Requirements

• Required to stand, walk and sit; communicate verbally both in person and by telephone; use hands to finger, handle or feel objects or controls; reach with hands and arms. Regularly required to stoop, kneel, bend, crouch and lift up to 25 pounds. Specific vision abilities required by this job include close vision, distance vision, depth perception, color vision and the ability to adjust focus.


• Physical demands associated with this position include extensive walking (including stairs) throughout offices and between buildings. May require use of public transportation, personal or Government vehicle to drive to local and/or remote office locations.

Additional Requirements

• Other duties as assigned

ESM provides equal employment opportunity to all individuals regardless of race, color, creed, religion, gender, age, sexual orientation, national origin or ancestry, disability, genetic information, veteran status, gender identification or any other characteristic protected by state, federal or local law.