Cyber Compliance and Risk Management Lead

Location: Washington, DC
Posted: Jul 19, 2019
Closes: Jul 22, 2019
Ref: R0062508
Hours: Full Time
Key Role:

Lead the Audit Readiness and Response workstream for Security PMO supporting the Pension Benefit Guaranty Corporation's (PBGC) Office of Information Technology (OIT). Perform a variety of audit readiness and response activities, including reviewing and evaluating OIG findings to determine OIT audit readiness, developing audit finding remediation strategies, developing and monitoring Plans of Action and Milestones (POA&Ms), overseeing response to auditor documentation requests, evaluating evidence, writing narrative reports to support audit finding closure, collaborating on OIG- and executive-level presentations, participating in audit finding debriefs as a representative of OIT, and developing OIT responses to audit recommendations and reports. Support the application of the NIST Risk Management Framework (RMF), monitor security controls, deliver workshop sessions to educate impacted stakeholders on audit report contents, and evaluate and enhance the client's enterprise audit readiness process continuously.

Basic Qualifications:

-8+ years of experience in Cybersecurity, information security operations, or information security audits

-Knowledge of OMB Circulars and NIST risk and security controls guidelines and special publications and documents

-Knowledge of Cyber threat capabilities and technical capabilities to defend networks and systems.

-Knowledge of network operating systems, SLAs, and service expertise.

-Ability to thrive in a fast-paced, mission-driven environment

-Ability to work effectively as a member of a team and communicate with senior officials, when appropriate.

-Ability to prioritize and coordinate multiple tasks simultaneously

-Ability to obtain a security clearance

-BA or BS degree required

Additional Qualifications:

-Experience in working with IT audits and assessments preferred

-Knowledge of networking fundamentals, enterprise risk management, and NIST Risk Management Framework (RMF) preferred

-Possession of excellent oral and written communication skills to clearly and concisely document Cybersecurity vulnerability details and escalate appropriately, when required

-Possession of excellent initiative, critical thinking, and time management skills

-CISA Certification preferred

Clearance:
Applicants selected will be subject to a security investigation and may need to meet eligibility requirements for access to classified information.

We're an EOE that empowers our people - no matter their race, color, religion, sex, gender identity, sexual orientation, national origin, disability, veteran status, or other protected characteristic - to fearlessly drive change.
