CYBERSECURITY CLOUD SUBJECT MATTER EXPERT (SME)

{
  "content_hash": "20dae845f90635ab8a492f853c2aab35316960639f2c41f1f56e7cb1ddfafc0a",
  "source_hash": "f139bafd524d60f504f7d1ecee2d12d7813bfc34bfe117836632becdd0c7a224",
  "last_changed_at": "2026-05-31T17:43:10.289Z",
  "active_status": "active"
}

{
  "language": "en",
  "location": {
    "raw": "Northern, VA, United States",
    "city": "Northern",
    "region": "VA",
    "country": "United States",
    "is_remote": false,
    "confidence": 0.8
  },
  "salary_max": null,
  "salary_min": null,
  "inferred_at": "2026-06-06T10:55:34.282Z",
  "launch_scope": {
    "reason": "english_us_canada",
    "included": true,
    "language": "en",
    "location": {
      "raw": "Northern, VA, United States",
      "city": "Northern",
      "region": "VA",
      "country": "United States",
      "is_remote": false,
      "confidence": 0.8
    },
    "countries": [
      "United States"
    ]
  },
  "remote_policy": null,
  "salary_period": null,
  "workplace_type": null,
  "salary_currency": null
}

{}

{
  "id": "744000091515255",
  "ref": "https://api.smartrecruiters.com/v1/companies/toomeytechnologies/postings/744000091515255",
  "name": "CYBERSECURITY CLOUD SUBJECT MATTER EXPERT (SME)",
  "uuid": "3d615cc5-56c4-4ca9-ab12-6960f03c9ab6",
  "detail": {
    "id": "744000091515255",
    "name": "CYBERSECURITY CLOUD SUBJECT MATTER EXPERT (SME)",
    "uuid": "3d615cc5-56c4-4ca9-ab12-6960f03c9ab6",
    "jobAd": {
      "sections": {
        "jobDescription": {
          "text": "<p>Serves as the primary cloud security architect responsible for ensuring that cloud-hosted IT&#xa0;systems, particularly the Electronic Contract Writing Module (ECWM) and related customer contracting&#xa0;systems, are architected, designed, and implemented with robust security controls that meet or exceed agency requirements. The SME provides comprehensive security oversight throughout the system lifecycle, from initial design through deployment and ongoing operations, with particular emphasis on cloud environments including Oracle Cloud Infrastructure (OCI), Amazon Web Services (AWS), and Microsoft Azure. The position requires deep expertise in DoD cybersecurity frameworks, FedRAMP compliance, Risk Management Framework (RMF), and the unique security challenges inherent in cloud-based Government systems handling sensitive contracting and procurement data.</p>",
          "title": "Job Description"
        },
        "qualifications": {
          "text": "<ul><li>Active Security Clearance&#xa0;</li><li>Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related&#xa0;technical field</li><li>Advanced cloud security certifications (CCSP, CISSP, SABSA, or equivalent)&#xa0;CISSP, CISM, or other advanced cybersecurity certification</li><li>Experience with DoD Enterprise DevSecOps Reference Design</li><li>Knowledge of containerization security (Docker, Kubernetes) and micro services security&#xa0;architecture</li><li><strong>Cloud ATO Experience: </strong>Two (2) years of hands-on experience achieving Authorization to&#xa0;Operate (ATO) in cloud environments (OCI, AWS, Azure, or equivalent platforms) with&#xa0;demonstrated success in navigating complex compliance requirements</li><li><strong>DoD Systems ATO Experience: </strong>Five (5) years of experience achieving ATOs for compartmented&#xa0;DoD IT systems with deep understanding of DoD-specific security requirements, assessment&#xa0;processes, and stakeholder coordination</li><li><strong>Cloud Certification: </strong>Current cloud security certification from major cloud providers (Oracle&#xa0;Cloud Infrastructure, AWS, Azure, or equivalent) demonstrating technical proficiency and up-to date&#xa0;knowledge of cloud security capabilities.</li><li>DoD Approved 8140/8570 Baseline Certification:</li><li><strong>FedRAMP Expertise: </strong>Extensive knowledge of FedRAMP assessment methodology including&#xa0;practical experience with FedRAMP security control requirements, assessment procedures, and&#xa0;authorization processes</li><li><strong>OCI Experience: </strong>Demonstrated experience working with Oracle Cloud Infrastructure (OCI)&#xa0;including security architecture, implementation, and compliance activities</li><li><strong>Enterprise DoD IT Experience: </strong>Proven experience working with enterprise DoD IT systems,&#xa0;understanding of DoD architecture standards, and familiarity with DoD cybersecurity requirements&#xa0;and processes</li></ul><ul><li>Advanced expertise in cloud security architecture principles across multiple platforms (OCI,AWS, Azure, Google Cloud) with deep understanding of shared responsibility models, cloud-native&#xa0;security services, and hybrid cloud security considerations</li><li>Comprehensive knowledge of cloud security engineering best practices including identity and access management (IAM), network security, data encryption, key management, and secure application deployment patterns</li><li>Proficiency in Infrastructure as Code (IaC) security, container security, serverless security, and&#xa0;cloud workload protection platforms with ability to implement security-by-design principles</li><li>Expert-level understanding of cloud security threats, attack vectors, and mitigation strategies&#xa0;including advanced persistent threats (APTs), insider threats, and cloud-specific vulnerabilities</li><li>Extensive experience with DoD Risk Management Framework (RMF) processes including system&#xa0;categorization, security control selection and implementation, assessment procedures, authorization&#xa0;decisions, and continuous monitoring</li><li>Deep knowledge of NIST cybersecurity frameworks (SP 800-53, SP 800-37, SP 800-171), DISA&#xa0;Security Technical Implementation Guides (STIGs), and DoD cybersecurity policies and&#xa0;instructions</li><li>Comprehensive understanding of FedRAMP assessment methodology, including security control&#xa0;inheritance, shared controls, and the FedRAMP authorization process for cloud service providers</li><li>Expertise in Authorization to Operate (ATO) processes for both cloud environments and&#xa0;&#xa0;compartmented DoD IT systems, including security documentation development, evidence&#xa0;collection, and stakeholder coordination</li><li>Advanced capabilities in conducting comprehensive cybersecurity vulnerability assessments with&#xa0;specific focus on cloud hosting environments and the unique risks associated with multi-tenant&#xa0;cloud infrastructure • Proficiency in security testing methodologies including penetration testing,&#xa0;vulnerability scanning, configuration assessments, and security control validation</li><li>Experience with security assessment tools and platforms including Assured Compliance&#xa0;Assessment Solution (ACAS), commercial vulnerability scanners, and cloud security posture&#xa0;management (CSPM) tools</li><li>&#xa0;Knowledge of threat modeling, security architecture review processes,&#xa0;and the ability to identify and mitigate security gaps in complex, distributed systems</li><li>Proven ability to review existing cloud security policies and provide actionable recommendations&#xa0;for improvement to enhance overall security posture and meet evolving threat landscapes</li><li>Experience in developing security standards, procedures, and guidelines that balance security&#xa0;requirements with operational efficiency and mission effectiveness</li><li>Knowledge of emerging cloud security technologies and methodologies with ability to assess their&#xa0;applicability to DoD environments and recommend adoption strategies</li><li>Comprehensive understanding of enterprise DoD IT architecture, including network topologies,system interconnections, data flows, and the security implications of complex system integrations</li><li>Experience with DoD enterprise services, shared services, and the security considerations involved&#xa0;in connecting cloud-hosted applications to existing DoD infrastructure</li><li>Knowledge of DoD cloud strategy and implementation approach</li><li>Hands-on experience with cloud security tools and services including cloud access security&#xa0;brokers (CASB), cloud workload protection platforms (CWPP), and security information and event&#xa0;management (SIEM) solutions</li><li>Proficiency in security automation, orchestration, and response (SOAR) capabilities with&#xa0;understanding of how to leverage cloud-native security services for incident response and threat&#xa0;hunting</li><li>Knowledge of DevSecOps practices and the integration of security controls into continuous integration/continuous deployment (CI/CD) pipelines</li><li>Understanding of backup and disaster recovery security considerations, business continuity&#xa0;planning, and the security implications of cloud-based recovery solutions</li><li>Experience with Government cloud initiatives (milCloud, AWS GovCloud, Azure Government)</li><li>Familiarity with AI/ML security considerations in cloud environments</li></ul>",
          "title": "Qualifications"
        },
        "companyDescription": {
          "text": "<p>Founded in 2017 and headquartered in Manassas, Virginia, Toomey Technologies is a SBA certified HUBZone, and Woman Owned Small Business experienced in Program Management and Solution Implementation support services.&#xa0;&#xa0;Our diverse and talented personnel provide structure to develop and execute strategies to maximize mission success and have an established track record supporting critical initiatives across a wide range of federal clients.&#xa0; We develop and execute strategies to maximize mission success and apply in-depth industry knowledge, analytics and expertise to design the right solution. Once the strategy is in place, we help communicate the changes and promote adoption among stakeholders.</p>",
          "title": "Company Description"
        },
        "additionalInformation": {
          "text": "<p>Only qualified candidates will be contacted.&#xa0; Be sure to keep an eye on your spam or junk folders in case our emails end up in there!&#xa0; Please, no phone calls directly to our business, CEO, hiring managers, or recruiters. Due to the high volume of applicants, we typically receive for our career openings, we are not able to do phone interviews until later stages of the hiring process.</p><p>Toomey Technologies is an equal opportunity employer.&#xa0; All qualified applicants will receive consideration for employment without regard to race, religion, gender, disability, age, or veteran status.</p>",
          "title": "Additional Information"
        }
      }
    },
    "jobId": "7ecea838-9176-474b-9888-78c10344023a",
    "active": true,
    "company": {
      "name": "Toomey Technologies",
      "identifier": "ToomeyTechnologies"
    },
    "creator": {
      "name": "",
      "avatarUrl": ""
    },
    "jobAdId": "d6e9ab79-ffd4-4aab-b112-d4667225c6f4",
    "applyUrl": "https://jobs.smartrecruiters.com/ToomeyTechnologies/744000091515255-cybersecurity-cloud-subject-matter-expert-sme-?oga=true",
    "function": {
      "id": "information_technology",
      "label": "Information Technology"
    },
    "industry": {
      "id": "information_services",
      "label": "Information Services"
    },
    "language": {
      "code": "en",
      "label": "English",
      "labelNative": "English (US)"
    },
    "location": {
      "city": "Northern",
      "hybrid": false,
      "region": "VA",
      "remote": false,
      "address": "NCR",
      "country": "us",
      "fullLocation": "Northern, VA, United States"
    },
    "refNumber": "REF204P",
    "postingUrl": "https://jobs.smartrecruiters.com/ToomeyTechnologies/744000091515255-cybersecurity-cloud-subject-matter-expert-sme-",
    "visibility": "PUBLIC",
    "customField": [
      {
        "fieldId": "COUNTRY",
        "valueId": "us",
        "fieldLabel": "Country/Region",
        "valueLabel": "United States"
      },
      {
        "fieldId": "5a5cdce5b60a5e20ef9bc78a",
        "valueId": "default",
        "fieldLabel": "Brands",
        "valueLabel": "Toomey Technologies"
      }
    ],
    "referralUrl": "https://jobs.smartrecruiters.com/external-referrals/company/ToomeyTechnologies/publication/3d615cc5-56c4-4ca9-ab12-6960f03c9ab6?dcr_ci=ToomeyTechnologies",
    "defaultJobAd": true,
    "releasedDate": "2025-11-04T01:47:57.306Z",
    "experienceLevel": {
      "id": "mid_senior_level",
      "label": "Mid-Senior Level"
    },
    "typeOfEmployment": {
      "id": "permanent",
      "label": "Full-time"
    }
  },
  "company": {
    "name": "Toomey Technologies",
    "identifier": "ToomeyTechnologies"
  },
  "jobAdId": "d6e9ab79-ffd4-4aab-b112-d4667225c6f4",
  "function": {
    "id": "information_technology",
    "label": "Information Technology"
  },
  "industry": {
    "id": "information_services",
    "label": "Information Services"
  },
  "language": {
    "code": "en",
    "label": "English",
    "labelNative": "English (US)"
  },
  "location": {
    "city": "Northern",
    "hybrid": false,
    "region": "VA",
    "remote": false,
    "address": "NCR",
    "country": "us",
    "fullLocation": "Northern, VA, United States"
  },
  "refNumber": "REF204P",
  "department": {},
  "visibility": "PUBLIC",
  "customField": [
    {
      "fieldId": "COUNTRY",
      "valueId": "us",
      "fieldLabel": "Country/Region",
      "valueLabel": "United States"
    },
    {
      "fieldId": "5a5cdce5b60a5e20ef9bc78a",
      "valueId": "default",
      "fieldLabel": "Brands",
      "valueLabel": "Toomey Technologies"
    }
  ],
  "defaultJobAd": true,
  "releasedDate": "2025-11-04T01:47:57.306Z",
  "detail_errors": [],
  "experienceLevel": {
    "id": "mid_senior_level",
    "label": "Mid-Senior Level"
  },
  "typeOfEmployment": {
    "id": "permanent",
    "label": "Full-time"
  }
}