Senior Cybersecurity Lead at Aretum

Washington, District of Columbia, United States -

Full Time

Start Date

Immediate

Expiry Date

31 Mar, 26

Salary

0.0

Posted On

31 Dec, 25

Experience

10 year(s) or above

Remote Job

Yes

Telecommute

Yes

Sponsor Visa

Skills

Cybersecurity, Risk Assessment, Compliance, Information Assurance, Vulnerability Management, Penetration Testing, NIST RMF, FISMA, DoD IA, Incident Handling, Project Management, Team Leadership, Communication Skills, Documentation, Technical Evaluation

Industry

IT Services and IT Consulting

Description

About Aretum Aretum is a mission-driven organization committed to delivering innovative, technology-enabled solutions to our customers across defense, civilian, and homeland security sectors. Our teams work at the intersection of strategy, technology, and transformation, helping agencies solve their most critical challenges. We believe in investing in our people and creating a culture where collaboration, inclusion, and professional growth are at the forefront. Job Summary As a Senior IA/Cybersecurity Lead, you will be responsible for evaluating and strengthening security controls, conducting risk assessments, and managing compliance with Federal Information Security Management Act (FISMA) requirements. Your leadership will be crucial in establishing a security-first culture within the organization, and will directly contribute to safeguarding critical information systems. Due to the nature of our work as a federal consulting organization, employees may be expected to handle Controlled Unclassified Information (CUI) and must adhere to applicable safeguarding and compliance requirements. Responsibilities Plan, implement, upgrade, or monitor security measures for the protection of computer networks and information. Ensure appropriate security controls are in place that will safeguard digital files and vital electronic infrastructure. Respond to computer security breaches and viruses. Monitor DOD, and other sites (e.g. Army Cyber) for new standards, regulations and policies. Review contract deliverables for compliance. Support risk management framework (RMF) implementation. Assess Information Assurance Vulnerability Alert (IAVA) management plans and processes. Develop and maintain Plans of Actions and Milestones (POAMs) for security related activities. Manage DD2875 submissions and support provisioning activities. Lead a Cybersecurity team and support interaction with other IT teams. A minimum of ten years of DoD IA experience. Active TS/SCI Required Possess one of the following certifications: GSLC, CISSP, CISM, and CISA, or another DoD 8570.01-M Level 3 authorized IAT/IAM certification. A minimum of eight years of experience analyzing, assessing, and implementing corrective actions based on vulnerability management and penetration testing tools and work efforts. A minimum of eight years of experience with the NIST RMF, NIST SP 800-53, STIGs, SCAP, IAVAs, and FISMA. A minimum of eight years of experience supporting DoD defensive cyber operational activities, including, but not limited to, information system protection, defense, response (incident handling), reporting, and recovery. A minimum of eight years of experience in managing complex DoD projects. Preferred Qualifications A bachelor’s degree in an IT related field Strong verbal and written communication skills as well as the ability to work independently. Experience leading teams. Experience writing Standard Operation Procedures (SOP), COOP Planning, POA&Ms, and other documentation in support of RMF as required. The ability to provide technical evaluation of proposed system(s) and application approaches. Work Environment & Physical Requirements This is a remote/work-from-home position. The employee is expected to maintain a professional and distraction-free home office environment with reliable internet access and the ability to participate in video and audio calls during standard working hours. Standard office equipment such as a computer, phone, and webcam will be used regularly. The physical demands described here are representative of those that must be met to successfully perform the essential functions of this job: Prolonged periods of sitting and working on a computer. Frequent use of hands and fingers to operate computer and telephone equipment. Must be able to lift up to 15 pounds occasionally (e.g., moving equipment). Ability to participate in virtual meetings and communicate clearly via video/audio platforms. Travel Requirement This is a remote position; however, occasional travel may be required based on project needs, client meetings, team collaboration events, or training sessions. Travel is expected to be less than 10% and will be communicated in advance whenever possible. EEO Statement Aretum is committed to fostering a workplace rooted in excellence, integrity, and equal opportunity for all. We adhere to merit-based hiring practices, ensuring that all employment decisions are made based on qualifications, skills, and ability to perform the job, without preference or consideration of factors unrelated to job performance. As an Equal Opportunity Employer, Aretum complies with all applicable federal, state, and local employment laws. We are proud to support our nation’s veterans and military families, providing career opportunities that honor their service and experience. If you require reasonable accommodation during the hiring process due to a disability, please contact hr@aretum.com for assistance. Equal Opportunity Employer/Veterans/Disabled U.S. Work Authorization Applicants must be U.S. citizens and currently authorized to work in the United States on a full-time basis. This position supports a federal government contract and therefore requires an active Top Secret clearance. Health Care Plan (Medical, Dental & Vision) Retirement Plan (401k, IRA) Life Insurance (Basic, Voluntary & AD&D) Paid Time Off (Vacation, Sick & Public Holidays) Family Leave (Maternity, Paternity) Short Term & Long-Term Disability Training & Development

Responsibilities

The Senior Cybersecurity Lead will evaluate and strengthen security controls, conduct risk assessments, and manage compliance with FISMA requirements. This role involves leading a Cybersecurity team and establishing a security-first culture within the organization.