Maritime Cyber Security SME

Maritime Cybersecurity SME

This position requires U. S. Citizenship and an active Public Trust clearance or the ability to obtain a  Public Trust clearance to be considered. 

We are seeking a Cyber Security Subject Matter Expert (SME) to support the Maritime Administration (MARAD) within the U.S. Department of Transportation. The SME will play a critical role, serving as an authoritative resource relative to maritime cybersecurity policy development, compliance, and cybersecurity program enhancement. This position requires close collaboration with MARAD, interagency partners, and the maritime industry to strengthen cybersecurity initiatives.

Compensation & Benefits:

Estimated Starting Salary Range for Maritime Cybersecurity SME: $140,000 - $150,000

Pay commensurate with experience.

Full time benefits include Medical, Dental, Vision, 401K, and other possible benefits as provided.  Benefits are subject to change with or without notice.

Maritime Cybersecurity SME Responsibilities Include: 

• Provide expert guidance on maritime cybersecurity policies, compliance, and risk management.
• Plan, implement, operate, monitor, report, and develop policies on all facets of IT and OT cybersecurity in support of the MARAD Associate Administrator for Strategic Sealift and Office of Maritime Security, while seeking assistance from and informing the MARAD CIO’s office.
• Support IT/OT cybersecurity for MARAD’s National Security Multi-Mission Vessel (NSMV) and Ready Reserve Force (RRF) Recapitalization programs.
• Support security assessments and other audits requests, Information System Continuous Monitoring (ISCM), and Risk Management Framework (RMF) tasks in alignment with NIST SP 800-37, DOT policies andthe DOD Risk Management Framework.
• Oversee cybersecurity control implementations for MARAD’s ship operations, Network Operations Center (NOC), and Security Operations Center (SOC) to achieve and maintain an Authority to Operate (ATO).
• Work closely with MARAD’s Office of Ship Operations to help ensure that MARAD's government owned vessels and shore support establishment are prepared for continuous operations in support of the Department of Defense, the Department of Homeland Security and other Government Departments, Agencies, and organizations.
• Act as a SME and coordinator between MARAD’s NSMV Program Office, their Vessel Construction Manager (e.g. - security vendor), State Maritime Academies (SMA), and the MARAD ISSM in support of acquiring and maintaining an ATO.
• Develop and manage Plans of Action and Milestones (POA&Ms) for security control deficiencies.
• Prepare and maintain contingency planning, privacy compliance documents, and perform privacy risk mitigations.
• Assist in security incident response, risk mitigation, and compliance reporting. 
• Perform other job-related duties as assigned.

Maritime Cybersecurity SME Experience, Education, Skills, Abilities requested: 

• 10+ years of experience in cybersecurity, with expertise in maritime/vessel cybersecurity, IT/OT security, and federal cybersecurity policies.
• Strong knowledge of NIST RMF, NIST Cybersecurity Framework (CSF), FISMA, and U.S. Coast Guard and International Maritime Organization cybersecurity requirements.
• Experience with Continuous Diagnostics and Mitigation (CDM), Information Security Continuous Monitoring (ISCM), and Identity, Credential, and Access Management (ICAM).
• Proven ability to lead cybersecurity assessments, compliance audits, and risk management activities.
• Understanding of the principles, methods, and tools of quality assurance and quality control used to ensure a product fulfills functional requirements and standards.
• Proficiency in Microsoft Office Suite, Power BI, Tableau, and SharePoint. 
• Certifications:
  • Required: CISSP or CISM
  • Preferred: CompTIA Network+, Security+, Certified Information Privacy Manager (CIPM), CEH
• Must pass pre-employment qualifications of Cherokee Federal

Company Information:

Criterion is a part of Cherokee Federal – the division of tribally owned federal contracting companies owned by Cherokee Nation Businesses. As a trusted partner for more than 60 federal clients, Cherokee Federal LLCs are focused on building a brighter future, solving complex challenges, and serving the government’s mission with compassion and heart. To learn more about Criterion, visit cherokee-federal.com.

#CherokeeFederal #LI #LI-REMOTE #LI-RA1

Cherokee Federal is a military friendly employer. Veterans and active military transitioning to civilian status are encouraged to apply.

Similar searchable job titles:

• Maritime Cybersecurity Engineer
• Cybersecurity Policy Advisor – Maritime Operations
• Maritime Cyber Risk Manager
• Cybersecurity Compliance Specialist – Maritime
• Maritime IT Security Consultant

Keywords:

• Maritime Cybersecurity
• Risk Management Framework (RMF)
• Information Assurance
• Continuous Monitoring (ISCM)
• Cybersecurity Policy

Legal Disclaimer:

All qualified applicants will receive consideration for employment without regard to protected veteran status, disability or any other status protected under applicable federal, state or local law.

Many of our job openings require access to government buildings or military installations. Candidates must pass pre-employment qualifications of Cherokee Federal.