Zero Trust Process Re-Engineering SME

Zero Trust Process Re‑Engineering SME

Join to apply for the Zero Trust Process Re‑Engineering SME role at Zermount, Inc.

Military Friendly & Preferred - Hoh Sponsor

Zermount Inc. is seeking a Zero Trust (ZT) Process Re‑Engineer SME; you will provide subject matter expertise in reviewing and analyzing Executive Orders (EOs) (e.g., EO 14028), OMB mandates (e.g., OMB M 22‑09, M 21‑31), federal requirements and laws, and department directives, policies, and processes, and developing agency‑level policies, processes, procedures, standards, and guidelines. You will collaborate with stakeholders to understand, document, and implement effective business processes in support of the agency ZT initiative.

• Assist with updates to the client’s ZT roadmap and implementation plan.
• Review and interpret EOs, OMB memos, Public Law, DHS directives, NIST SPs, and best practices, and provide recommendations and solutions.
• Conduct gap analyses in existing agency policy documentation to ensure compliance with cybersecurity mandates and develop a roadmap for implementation.
• Provide guidance for meeting requirements established through OMB M’s or EOs.
• Assist in developing the enterprise ZT Common Control Catalog (CCC).
• Support leadership with planning, scheduling, guidance, reporting, performance metrics, and recommendations for the ZT initiative.
• Support internal and external ZT data calls, audits, and compliance updates.
• Manage the policy inquiry/intake mailbox or policy help desk.
• Interpret and implement IT public policy initiatives; develop long‑term strategy, track legislation, and make policy recommendations.
• Track and resolve cybersecurity policy‑related questions.
• Conduct policy research to support help desk inquiries.
• Review, edit, create, and update cybersecurity policy documents using the Zermount Agile approach.
• Create new cybersecurity policy documents to address identified gaps from EO’s, OMB M’s, NIST, DHS, or TSA mandates.
• Modify/update existing IAD cybersecurity‑related SOPs, technical standards, management directives, CCSH, TSA forms, OSS guide, SSI Program, privacy office reviews, and related Notification Memos.

• Minimum 10 years of IT cybersecurity experience, including direct support for the U.S. Government, and 5 years as a policy analyst for an enterprise IT system (13 years if no bachelor’s degree).
• Knowledge of NIST guidelines and FISMA compliance requirements.
• Technical knowledge of complex enterprise IT systems.
• Proficiency with Microsoft Office, Outlook, SharePoint.
• Excellent communication skills with technical, non‑technical, and executive stakeholders.
• Knowledge of Zero Trust architecture, EO 14028, OMB M 22‑09, federal, DoD, and CISA frameworks.
• In‑depth analysis experience of cybersecurity, IT, and risk management.
• Ability to work independently and as part of a team.
• Professional demeanor in complex, politically sensitive environments.

Details pending.

Bachelor’s preferred but professional experience acceptable.

• Minimum of a Bachelor of Science (or higher) in computer engineering, computer science, IT, cybersecurity, or related field.
• Relevant experience may substitute for lack of bachelor’s degree.

At least one of the following:

• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certificate of Cloud Security Knowledge (CCSK)
• Certified Chief Information Security Officer (CCISO)
• Similar certification.

Minimum active Secret clearance.

Remote; occasional onsite meetings at contractor site and TSA HQ, Springfield, Virginia.

Business hours: 8:00 am – 4:30 pm EST.

• 401(k) retirement account
• Education assistance ($10,000 annually)
• Medical, dental, vision plans with significant employer contributions
• Basic group life insurance, short‑ and long‑term disability plans
• Personal Time Off (15 paid holidays) plus 11 federal holidays
• Background investigation clearance