Cyber Security Engineer/ Adviser (Rockville)
Role: Cybersecurity Engineer/Architect
Location: Rockville, MD (Hybrid, 3 days onsite)
Experience: 15+ years (must)
Only locals and US citizens for this role

Job Summary

The Cybersecurity Outcome Transformation Technical Advisor is a senior-level strategic and technical role supporting U.S. federal government clients in the design, execution, and measurement of cybersecurity transformation programs. Operating within a government contracting environment, this role serves as a trusted technical advisor embedded with federal agency stakeholders — bridging mission-critical objectives with modernized security capabilities. The ideal candidate brings deep federal compliance expertise and a proven track record of delivering outcome-driven results within the constraints of government acquisition and policy frameworks.

Key Responsibilities

Strategic Advisory & Transformation Planning
- Lead cybersecurity transformation engagements across federal civilian agencies, aligning security investments to agency mission outcomes and federal mandates.
- Develop and own comprehensive transformation roadmaps addressing people, process, and technology in accordance with federal acquisition and budget cycles (e.g., PPBE, FITARA).
- Translate agency-specific security requirements and risk tolerances into actionable strategies, milestones, and performance metrics reportable to agency leadership and oversight bodies (e.g., OMB, GAO, Congress).
- Advise agency stakeholders on evolving federal cybersecurity policy including Executive Orders (e.g., EO 14028), OMB Memoranda (e.g., M-21-31, M-22-09), CISA directives, and NSM-8.

Technical Leadership & Architecture
- Provide hands-on technical guidance across federal cybersecurity domains including Zero Trust Architecture (ZTA), Identity, Credential, and Access Management (ICAM), SOC/SIEM modernization, Cloud Security (FedRAMP), Endpoint Detection & Response (EDR), Data Protection, and OT/ICS security.
- Lead the design and implementation of Zero Trust architectures aligned to CISA's Zero Trust Maturity Model.
- Conduct security architecture reviews, threat modeling, and ATO (Authority to Operate) support in alignment with NIST RMF and FISMA requirements.
- Evaluate and recommend security technologies operating within FedRAMP-authorized product boundaries.
- Support continuous monitoring strategies using tools consistent with CDM (Continuous Diagnostics and Mitigation) program requirements.

Outcome Measurement & Value Realization
- Define and implement outcome-based metrics, security scorecards, and dashboards that satisfy federal reporting requirements (e.g., CIO FISMA metrics, CDM dashboards, OMB cybersecurity cross-agency priority goals).
- Conduct maturity assessments using frameworks such as NIST CSF, C2M2, CMMC, and CISA's Cyber Performance Goals (CPGs).
- Develop business cases and should-cost models for cybersecurity investments aligned to federal budget justification formats.
- Track and report transformation progress to agency CISOs, CIOs, Deputy Secretaries, and program oversight stakeholders.

Stakeholder Engagement & Executive Communication
- Serve as a primary technical advisor to agency CISOs, CIOs, Program Managers, and Contracting Officer Representatives (CORs).
- Facilitate working groups, integrated product teams (IPTs), and executive steering committees within federal environments.
- Prepare and deliver briefings, white papers, technical evaluation reports, and Congressional-level summary documents as required.

Program & Compliance Management
- Manage cybersecurity transformation task orders or programs under contract vehicles such as GSA Schedules, SEWP V, CIO-SP4, OASIS+, or agency-specific IDIQs.
- Ensure all deliverables comply with applicable federal regulations including FISMA, FedRAMP, DFARS 252.204-7012, and NIST SP 800-series publications.
- Identify, assess, and manage program risks, issues, and dependencies in accordance with agency PMO standards and EVM (Earned Value Management) requirements where applicable.
- Support supply chain risk management (SCRM) activities in alignment with NIST SP 800-161 and agency SCRM policies.

Experience: 10+ years in cybersecurity; 5+ years in a federal advisory, consulting, or program leadership role
Federal Frameworks: Deep expertise in NIST RMF, FISMA, FedRAMP, NIST SP 800-53, NIST CSF, and Zero Trust
Technical Depth: Proficiency in 3+ domains: ICAM, Cloud Security, SOC/SIEM, CDM, OT/ICS, Endpoint Security
Communication: Ability to brief senior federal officials, SES-level leadership, and oversight bodies

Preferred Qualifications
- Industry certifications: CISSP, CISM, CAP (Certified Authorization Professional), CISA, PMP, CGRC
- Experience supporting CMMC compliance, or IC ICD 503 assessment and authorization processes
- Familiarity with Zero Trust Strategy, NSM-8, and DISA STIGs
- Background with CDM program tools and CISA integration requirements
- Experience with OT/ICS/SCADA security in federal critical infrastructure environments
- Knowledge of AI/ML security risks and emerging technology policy implications in federal contexts
- Prior experience as a federal employee, military officer, or embedded contractor within a federal agency