Job description
Job Title: Cybersecurity Professional / Architect
SIN 54151HACS Highly Adaptive Cybersecurity Services (HACS)
Location: USA CONUS/OCONUS (as required)
Primary Location (Typical Base):
- City: Washington, D.C.
- State: District of Columbia (DC)
Other Possible Locations (based on agency and mission):
- Maryland (MD) – for agencies like NSA, NIH, and DHS (especially in Montgomery or Prince George’s County)
- Virginia (VA) – especially Northern Virginia (Arlington, Fairfax, Alexandria) due to proximity to federal cyber hubs
- Remote/Telework – Many HACS roles are allowed hybrid/remote options unless physical access to secure systems or SCIF is required
Clearance: Must be eligible for or hold a current U.S. Government security clearance
Employment Type: Full-time / Contract-based
Position Summary:
The Cybersecurity Professional/Architect will lead and execute advanced cybersecurity initiatives in alignment with the GSA’s Highly Adaptive Cybersecurity Services (HACS) SIN 54151HACS. The role involves proactive and reactive cybersecurity operations across a range of services, including Risk Management Framework (RMF), Vulnerability Assessment, Incident Response, Cyber Hunt, Security Architecture Reviews, and Zero Trust implementations.
Key Responsibilities:
- Lead risk and vulnerability assessments (RVAs), penetration tests, and High-Value Asset (HVA) security assessments.
- Architect and implement secure systems based on RMF (NIST SP 800-37) and Zero Trust Architecture (ZTA per NIST SP 800-207).
- Provide incident response support including threat containment, mitigation, and forensics.
- Design and operate Security Operations Center (SOC) functions such as 24x7 monitoring, log analysis, and intrusion detection/prevention.
- Conduct phishing, wireless, web application, operating system, and database assessments.
- Deliver security architecture reviews aligned with NIST 800-160 and Federal IT Modernization standards.
- Develop and update system security plans (SSPs), POA&Ms, and continuous monitoring strategies per NIST SP 800-53 and 800-137.
- Support audit preparation and security control testing based on NIST SP 800-171 and SP 800-115.
- Collaborate with federal stakeholders on cybersecurity strategy, compliance, and technology implementation.
Required Skills and Qualifications:
10+ years of experience in federal cybersecurity operations.
Strong understanding of Federal cybersecurity policies and regulations (e.g., FISMA, OMB M-19-03, CNAP).
Hands-on experience with tools such as Nessus, Wireshark, Splunk, Metasploit, and FireEye.
Deep familiarity with cybersecurity frameworks including NIST SP 800-53, SP 800-171, RMF, and ZTA.
Experience in incident response and recovery under NIST SP 800-61 and 800-86.
Demonstrated expertise in implementing and evaluating HVA assessments and IHEM programs.
Knowledge of systems engineering, cloud security, network architecture, and endpoint protection.
Must have capability
- questions on Risk and Vulnerability Assessment (RVA),
- Security Architecture Review (SAR),
- Systems Security Engineering (SSE),
- Penetration Testing.
- Cyber Hunt, Incident Response (IR), or Incident Handling and Event Management (IHEM).
Five SIN Subgroup areas as below must have understanding , experience
- High value Asset (HVA) Assessments
- Risk and Vulnerability Assessment (RVA)
- Cyber Hunt
- Incident Response
- Penetration Testing
Bachelor’s or Master’s degree in Cybersecurity, Information Security, Computer Science, or a related field.
One or more of the following certifications preferred:
- CISSP (Certified Information Systems Security Professional)
- CEH (Certified Ethical Hacker)
- CISM (Certified Information Security Manager)
- OSCP (Offensive Security Certified Professional)
- GIAC Certifications (e.g., GCIH, GPEN)
- CompTIA Security+, CASP+
Desired Attributes:
- Strong analytical, problem-solving, and communication skills.
- Ability to work in high-pressure environments and handle classified information.
- Adaptable to rapid changes in threat landscapes and federal directives.
- Familiar with NICE Framework work roles and competencies.
- Ability to present technical solutions during oral technical evaluations with federal evaluators.
