Cybersecurity Subject Matter Expert (SME)
Description
Position: Cybersecurity Subject Matter Expert (SME)
Location: Onsite in DC- Herbert Hoover Building
Terms: Full Time
Clearance: Active Secret Clearance required
Travel: 0–10%
RESULTS. INNOVATION. VALUES. ACCOUNTABILITY.
That’s RIVA.
We’re a mission-driven IT services company and systems integrator supporting digital transformation and modernization for Federal government agencies. Since 2009, we’ve partnered with our customers to solve complex challenges through smart, practical innovation to deliver real outcomes where they matter most. Our teams are made up of industry-leading experts who are passionate about doing great work and making a difference. We don’t just develop solutions—we support efforts that strengthen communities and serve the public good.
RIVA’s culture is built on four core values: Results, Innovation, Values, and Accountability (R.I.V.A.). They guide how we work, how we collaborate, and how we measure success. Our employee-first approach is rooted in trust, ownership, and meaningful work. By investing in our people and fostering a flexible, supportive environment, employees have the opportunity to grow their skills, contribute ideas, and make an impact from day one—all while supporting missions that matter.
Program Overview
The Cybersecurity Subject Matter Expert (SME) will support Department of Commerce (DOC) and Bureau of Industry and Security (BIS) cybersecurity initiatives focused on supply chain risk management, system security compliance, and risk mitigation. This role supports the development and execution of cybersecurity strategies and compliance activities aligned with Federal cybersecurity standards and mandates.
Position Overview
RIVA Solutions is seeking experienced Cybersecurity Subject Matter Experts (SMEs) to provide technical expertise and analysis in support of Federal cybersecurity programs. The ideal candidate will possess strong knowledge of cybersecurity frameworks, Federal security compliance requirements, and risk management practices. This role requires collaboration with technical, administrative, and executive stakeholders to support system assessments, documentation, testing, and security control implementation.
Core Responsibilities
- Provide subject matter expertise and technical analysis in support of supply chain risk management and cybersecurity initiatives.
- Apply cybersecurity principles, methods, and knowledge to support complex technical requirements and deliverables.
- Plan, develop, finalize, and review key cybersecurity program deliverables for DOC and BIS environments.
- Support compliance efforts aligned with FISMA, NIST, OMB, and other Federal cybersecurity standards and guidance.
- Identify unique system characteristics and conduct interviews with technical, administrative, and executive personnel.
- Collaborate with OCIO teams to develop and maintain required cybersecurity documentation, including security categorizations, risk assessments, contingency plans, security test and evaluation reports, and vulnerability assessment reports.
- Map technical requirements, system functionality, and operational capabilities to prescribed security controls, policies, and practices.
- Analyze data collected from open-source, high-side, data calls, and other intelligence sources.
- Present cybersecurity findings and recommendations in both detailed and executive-level formats for internal and external stakeholders.
Minimum Qualifications
- Demonstrated experience supporting Federal cybersecurity programs and risk management initiatives.
- Strong understanding of FISMA, NIST, OMB, and Federal cybersecurity compliance requirements.
- Experience developing cybersecurity documentation, assessments, and security control mappings.
- Knowledge of supply chain risk management principles and cybersecurity best practices.
- Experience conducting vulnerability assessments, risk assessments, and security testing activities.
- Strong analytical and problem-solving skills with the ability to communicate technical findings to diverse audiences.
- Ability to work collaboratively with technical, administrative, and executive stakeholders.
- Excellent written and verbal communication skills.
- Ability to manage multiple priorities in fast-paced Federal environments.
Preferred Qualifications
- Relevant cybersecurity certifications such as CISSP, CISM, Security+, or equivalent.
- Experience supporting Department of Commerce (DOC) or Bureau of Industry and Security (BIS) programs.
- Familiarity with CATTS labor categories and Federal contract proposal environments.
- Experience with supply chain cybersecurity assessments and Federal compliance audits.
Salary
$170K
Additional Information
The CATTS standardized labor categories in Section J.3., Attachment 02 apply. The Contractor is responsible for appropriately mapping educational, experience, and certification requirements based on Government-defined responsibilities. Deviations from the CATTS IDIQ labor category definitions may be proposed if clearly identified in the task order proposal.
The Government is requesting a minimum of three (3) Cybersecurity SMEs for this requirement. Contractors may propose additional personnel based on their proposed solution and rationale.
RIVA Benefits
- Paid Time Off / Sick Leave
- Health, Dental, and Vision Coverage
- Life Insurance
- 401(k) Retirement Plan with Company Match
- HSA/FSA Spending Accounts
- Long- and Short-Term Disability
- Pet Insurance
- Wellness Program Initiatives
- RIVA Flex (Flexible Hours and Hybrid Support, where applicable)
- Additional Workplace Benefits
Equal Opportunity Statement
RIVA Solutions is an Equal Opportunity/Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy and related conditions), sexual orientation, gender identity, national origin, age, disability, genetic information, veteran status, or any protected class.
If you need a reasonable accommodation to search for a job opening or to submit an online application, please email [email protected]. Only messages left for this purpose will be returned.