Cybersecurity Lead

Cybersecurity Lead

Location: Quantico, VA
Contract Duration: One-year contract starting March 2026 (with potential extension through March 2031)

Summary:

KeenLogic is seeking a Cybersecurity Lead to join one of our government clients. This is a full-time, onsite position offering Fortune 500-level benefits including health, dental, vision, PTO, 401(k), and life insurance.

The Marine Corps Recruiting Command (MCRC) requires expert cybersecurity leadership to safeguard its Recruiting Command Enterprise Network (RCEN) and associated applications. The Cybersecurity Lead ensures the confidentiality, integrity, and availability of MCRC’s IT environment while supporting Risk Management Framework (RMF) compliance, continuous monitoring (ConMon), vulnerability management, and Zero Trust Architecture (ZTA) initiatives. The role integrates security into daily operations and collaborates with MARFORCYBER, MCCOG, Cyber Protection Teams, and Red Teams to defend MCRC networks and data.

Required Qualifications:

• U.S. Citizen

• Active Secret or Top Secret clearance

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field preferred

• Must have one or more of the following: CY101, SecurityX / CASP+, CGRC/CAP, DAWIA PM Practioner, CCE, CCISO, CISM, CISSO, CISSP, DAWIA PM Advanced, GFACT, GSLC

• Experience with RMF, ACAS, eMASS/MCCAST, and DoD cybersecurity compliance

Primary Responsibilities:

• Risk Management Framework (RMF) & Continuous Authorization: Create, update, and manage RMF packages/artifacts (SSP, SAP, SAR, RAR, POA&M) in MCCAST/eMASS; maintain Continuous ATO for RCEN and associated systems; ensure compliance data is current in DITPR-DON and DADMS.

• Compliance & reporting: Prepare and submit reports (OPDIRs, CTOs, TASKORDs); maintain dashboards to track Continuous ATO, asset management, and directive compliance; ensure accuracy and timeliness of all submissions to MARFORCYBER/MCCOG.

• Vulnerability management: Conduct and analyze ACAS vulnerability scans; coordinate remediation with system owners and external partners (MCCOG VMT, DCO teams, CPTs).

• Assessment & Authorization (A&A): Support validation, testing, and ATO recertification efforts; provide a certified validator when required.

• Cyber incident response: Track, process, and report incidents (MCDs, OPDIRs, CIRT notifications); maintain the risk registry of accepted risks and mitigations.

• Policy & SOP development: Develop, review, and update cybersecurity policies, procedures, and SOPs at least annually.

• Zero Trust & architecture support: Design, document, and implement ZTA-aligned security solutions in compliance with DoD/USMC guidance.

• Security baselines & controls: Implement and maintain security configurations per DISA STIGs, PPSM, DoN network protection policy, and related frameworks.

• Audit & inspections: Prepare for and, when directed, lead inspections (e.g., CCRI, CGIP, CORA, White/Blue Team).

• Threat intelligence & process improvement: Conduct research on evolving threats; provide recommendations for security enhancements.

• Penetration testing: Plan, support, and coordinate penetration testing and threat emulation exercises with MARFORCYBER/MCCOG.

• Cross-team collaboration: Partner with INS, EDM, EA, and Service Desk leads to integrate cybersecurity across network, messaging, cloud, and application operations.

• Reporting & deliverables: Contribute CS updates to Weekly and Monthly Status Reports; deliver compliance dashboards, RMF status, vulnerability findings, and significant incident reporting.

VMLNKbcJii