Cyber Security Risk Assessor - Level 3 -- Wmata-005
Posting Title: Cyber Security Risk Assessor - Level 3 Specific Position Requirements Is this a new requirement or is there an incumbent?NewDeliverables Subject Matter Expert (SME) in Risk Management Tools, Techniques and Methodologies and Frameworks.SME in conducting IT RISK Evaluations, Assessments, and Reporting. SME in Classifying and monitoring IT risksSME in maintaining a Risk Register and DashboardDefine a risk appetite for WMATA ITExperience with PCI compliance and responding to IT audits SOW Labor Category/Experience Level/WBS #126.96.36.199.3. Cyber Security Risk Assessor - Level 3Supplemental Duties Tasks Specific to this requirement:188.8.131.52. ResponsibilitiesServes as a lead cyber and information security consultant to the project team by conducting security risk assessments and providing guidance on securing information systems, applications, and networksProvides technical guidance and expertise in the areas of secure applications development, security risk management and assessment, security policies and standards, security architectures and implementations, and effective security risk assessment practicesPerforms application and technology design reviews, security risk assessments, requirements analysis, security testing oversight, risk remediation planning, and security project managementDevelops, reviews, and implements security risk management policies, standards, and practicesDefines security and policy compliance requirements in supporting the acquisition and deployment of security software, systems, and servicesProvides guidance on the development and integration of a security development lifecycle (SDL) to include secure development, testing, and configuration of application and web architecturesReview and assess vendors information security solutions and deliverables, including technologies and architectures, security controls and procedures, and contract documentation184.108.40.206. Minimum RequirementsExperience with design and development of secure enterprise communications systemsExperience with the analysis, systems design, implementation and testing of secure enterprise information systemsExperience in Network engineering with emphasis' in design, implementation, operations and maintenance of a variety of Windows Services, Application and Database servers, relevant Network Security appliance and Endpoint Security products 220.127.116.11.3. Level 3: Expert level - . Master's degree in Computer Science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience 8+ years of related technical experience Company Description: NBS Enterprises creates competitive advantages. We isolate and overcome constraints to deliver performance value for all involved: you, your customer, and your employees. We break current market staffing trends with price-sensitive strategies solutions. Our goal is to work in partnership with you, our client, become a trusted advisor and teammate to establish a relationship that provides you and your team with a competitive advantage at both the contract and at the task order levels. NBS' innovative 'Triangle' approach to staffing support provides you, your customer, and your future employee a risk mitigation solution that is second to none.