Partners in your success

Risk Management Framework Lead

Location: Virginia
Position City: Ft. Belvoir
Position State:
Position Zip Code: 22060
Country: United States


• Conduct third-party risk assessments to help determine third parties' ability to protect confidential and sensitive data.
• Act as a subject matter expert and liaise with key business and technology stakeholders to ensure compliance expectations are realized in a timely manner.
• Communicate on a regular basis with key stakeholders on status, issues, and solutions for resolving those issues.
• Analyze assessment findings and establish a risk score based on an established scoring framework.
• Monitor appropriate sources for newly identified vulnerabilities, evaluate the risks such vulnerabilities pose to the organization’s information and systems, and advise management of appropriate measures to eliminate or reduce the organization’s risk or exposure to such vulnerabilities.
• Work with Oversight Managers to ensure Security is engaged in projects.
• Develop security deliverables based on the security documentation provided by the vendor.
• Maintain an up-to-date understanding of industry best practices.
• Assess threats and vulnerabilities regarding information assets and recommend the appropriate security measures.
• Interface with third-party vendors to evaluate changes in vendor infrastructure.
• Assist with the development of processes and procedures for managing, assessing, and evaluating the risk management activities.
• Assist with identification of risk owners, development of mitigation plans, integration of mitigation steps into the IMS, and tracking of mitigation steps.
• Facilitate periodic Risk Management Working Groups.
• Support the presentation of risks to the Risk Management Control Board (RMCB).
• Assist in identification and management of a Risk tool to manage, track, and map to the Integrated Master Schedule.
• Assist with the identification, procurement, and implementation of a risk management tool to manage, track, and map to the Integrated Master Schedule (IMS).


• Ability to manage system vulnerabilities and associated Risk Management Documents (Plans of Actions and Milestones (POAMs), Risk Acceptance Documents, and Waivers).
• Working understanding of DISA System Technical Implementation Guides (STIGs) and the ability to provide guidance to technical Subject Matter Experts (SMEs) based on those STIGs.
• Understanding of a wide variety of IT system infrastructure and application development methodologies.
• Excellent problem-solving ability.
• Amazing attention to detail.
• 10+ years of experience in Risk Management Framework (RMF) concepts and process.
• IAM level III compliance (CISSP or equivalent)

Desired Skills/Certifications:
• ITIL v3 Foundations
• Knowledge of the Army's RMF management package, Enterprise Mission Assurance Support Service (eMASS)


• BS Degree in Engineering, Computer Science, Information Systems

• Active Secret clearance

EOE M/F/Disability/Vet
