Offer summary

Qualifications:

5–8 years of IT or cybersecurity experience with a focus on NIST frameworks, especially 800-53., Proven ability to develop System Security Plans (SSPs) and related documentation., Experience using ServiceNow GRC or similar compliance management platforms., Strong communication skills and experience managing client relationships and team deliverables..

Key responsibilities:

Lead the development and maintenance of security documentation such as SSPs and SARs.

Implement and map controls aligned with NIST 800-53 Revision 5.

Manage compliance workflows and system artifacts using ServiceNow GRC.

Liaise with stakeholders, lead a junior analyst, and present project status reports.

Job description

Description

About Dragonfli Group

The Dragonfli Group is a small business headquartered in Washington, DC, providing cybersecurity and IT consulting services to U.S. government agencies and large commercial enterprises. Our team supports programs ranging from short-term engagements to multi-year initiatives. We are known for our professionalism, agility, and mission-driven focus.

Position Overview

We are seeking a Senior NIST Consultant to support a cybersecurity program in Richmond, VA. This is a hybrid role with 2-3 days/week onsite requiring regular presence at the client location. The consultant will lead system security documentation, perform NIST 800-53 control implementation, and manage compliance efforts using ServiceNow GRC. The ideal candidate is technically adept, detail-oriented, and confident interfacing with both technical teams and client stakeholders.

Key Responsibilities

Develop and maintain System Security Plans (SSPs), Security Assessment Reports (SARs), and associated A&A documentation.
Map and implement controls aligned with NIST 800-53 Revision 5.
Utilize ServiceNow GRC to manage compliance workflows and system artifacts.
Liaise with stakeholders to gather system data, define security postures, and address assessment requirements.
Ensure timely delivery of documentation and security milestones.
Lead and mentor a junior analyst and provide quality oversight of their work.
Create and present project status reports to internal and external audiences.
Identify process improvements in security governance and compliance.

Requirements

Required Qualifications

5–8 years of total IT or cybersecurity experience
5–8 years of hands-on experience with NIST frameworks, especially 800-53
Demonstrated expertise in developing SSPs and related documentation
Proficient in using ServiceNow GRC or similar platforms
Strong verbal and written communication skills
Experience managing client relationships and team deliverables in a deadline-driven environment

Certifications (Preferred | Nice-to-have)