Job Information
GCyber Senior Cybersecurity Compliance Specialist in Arlington, Virginia
GCyber is seeking an experienced Senior Cybersecurity Compliance Specialist to support a DoD customer with a mission-critical cybersecurity program focused on the A&A and continuous monitoring of complex IT systems. This position involves leading RMF package validation, providing security control assessment support, and advising government stakeholders on enterprise-level cyber risk and compliance strategy.
As the Senior Cybersecurity Compliance Specialist, you will:
Lead review and validation of RMF Body of Evidence (BOE) packages and assess implementation of security controls across systems including cloud, on-premises, hybrid, and virtualized environments.
Evaluate and verify application of DISA STIGs, NIST 800-53 controls, and federal compliance standards during the A&A and continuous monitoring lifecycle.
Use eMASS or equivalent tools to manage key RMF artifacts, including SSPs, POAMs, RARs, SAPs, and SCTMs.
Track POAM remediation, review Independent Verification & Validation (IV&V) results, and identify required follow-up testing to support authorization decisions.
Validate system boundary controls, assess interconnection compliance, and review log handling and PP&S documentation.
Develop security assessment plans and execute control tests to determine effectiveness of implemented security controls.
Act as the eMASS administrator, managing access, workflows, and generating reporting across system portfolios.
Participate in working groups to review and recommend updates to cybersecurity policy and RMF guidance.
Minimum Qualifications and Experience
Active TS/SCI Clearance
DoD 8570 IAT II certification
Master’s degree in cybersecurity, information systems, or a related field; OR bachelor’s degree plus an additional 6 years of relevant experience.
Minimum of 12 years of cybersecurity experience, including direct support to DoD RMF, compliance, and A&A efforts.
In-depth knowledge of NIST 800-53, RMF lifecycle, STIG implementation, and eMASS workflows.
Experience reviewing security architectures, risk assessments, and compliance documentation for highly sensitive IT systems.
Strong understanding of continuous monitoring strategies and POAM lifecycle tracking.
Ability to analyze enterprise risk posture and provide structured, defensible recommendations to government stakeholders.
Our Benefits
GCyber is committed to the well-being and development of every employee. Our benefits are designed to support your personal and professional goals, from health and wellness programs to retirement savings and career development opportunities. Highlights include:
26 Days of Paid Leave + Annual PTO Increase
An extra day of paid leave for every year of employment with GCyber
Paid Parental Leave
Additional Leave Allowances for Military Duty, Jury Duty, and Bereavement Leave
401(k) Matching
100% Company-funded Disability Insurance
90% Company-Funded Health, Dental, and Vision Insurance, with contributions to insurance benefits for spouses, children, and family members
Training and Professional Development Plans
Commuter Benefits Plan
Parking and Transportation Allowance
Equal Opportunity Employer
GCyber is an Equal Opportunity Employer. This means you don't have to worry about whether your application process will be fair. We consider all applicants without regard to race, color, religion, age, ancestry, ethnicity, gender, gender identity, gender expression, sexual orientation, veteran status, or disability.
Stay in Touch
For future job notifications please follow GCyber on LinkedIn. https://linkedin.com/company/gcyber
Powered by JazzHR