Job Expired
GCyber is seeking an experienced Senior Cybersecurity Compliance Specialist to support a DoD customer with a mission-critical cybersecurity program focused on the A&A and continuous monitoring of complex IT systems. This position involves leading RMF package validation, providing security control assessment support, and advising government stakeholders on enterprise-level cyber risk and compliance strategy.

As the Senior Cybersecurity Compliance Specialist, you will:

- Lead review and validation of RMF Body of Evidence (BOE) packages and assess implementation of security controls across systems including cloud, on-premises, hybrid, and virtualized environments.
- Evaluate and verify application of DISA STIGs, NIST 800-53 controls, and federal compliance standards during the A&A and continuous monitoring lifecycle.
- Use eMASS or equivalent tools to manage key RMF artifacts, including SSPs, POAMs, RARs, SAPs, and SCTMs.
- Track POAM remediation, review Independent Verification & Validation (IV&V) results, and identify required follow-up testing to support authorization decisions.
- Validate system boundary controls, assess interconnection compliance, and review log handling and PP&S documentation.
- Develop security assessment plans and execute control tests to determine effectiveness of implemented security controls.
- Act as the eMASS administrator, managing access, workflows, and generating reporting across system portfolios.
- Participate in working groups to review and recommend updates to cybersecurity policy and RMF guidance.

Minimum Qualifications and Experience

- Active TS/SCI Clearance
- DoD 8570 IAT II certification
- Master's degree in cybersecurity, information systems, or a related field; OR bachelor's degree plus an additional 6 years of relevant experience.
- Minimum of 12 years of cybersecurity experience, including direct support to DoD RMF, compliance, and A&A efforts.
- In-depth knowledge of NIST 800-53, RMF lifecycle, STIG implementation, and eMASS workflows.
- Experience reviewing security architectures, risk assessments, and compliance documentation for highly sensitive IT systems.
- Strong understanding of continuous monitoring strategies and POAM lifecycle tracking.
- Ability to analyze enterprise risk posture and provide structured, defensible recommendations to government stakeholders.
Date Posted: 08 May 2025