Cybersecurity Risk Manager (ISSO)
NikSoft is currently conducting a search for a Cybersecurity Risk Manager to lead third-party risk management activities at the United States Postal Service. The candidate will have expertise in Project Management, Risk Assessment, and Incident Root Cause Analysis; Information Assurance (IA) processes; achieving system ATOs; and continuous monitoring. The successful candidate will experience an unparalleled large-scale enterprise environment with over 800 Information Technology systems, processing billions of dollars in annual revenue and supporting a diverse user base spread across the entire US. Join the NikSoft team to scale your career to the next level.

Responsibilities:
The candidate will support the mission of Cybersecurity Risk Management by organizing and preparing for senior-level meetings, providing direction to the team on the activities of the week, and supporting team members in preparing timely deliverables and tracking action items.
The candidate will lead third-party cyber risk management planning, including reporting and tracking.
The candidate will define clear tasks, communicate topics to leadership through concise and succinct presentations, and organize meeting preparation materials.
The candidate will drive the review and certification of information technology systems following the USPS CISO policies and procedures (modeled on NIST RMF).
The candidate will manage action items, work to resolve issues, and identify and document system risks and vulnerabilities.
Provide input to, and develop, write, edit and submit, documentation in support of the project deliverables.
Work closely with the system teams and program/project managers, and interface with CISO and CIO stakeholders as needed.
Establish audit policy and reporting mechanisms for ensuring compliance with IA/IS standards by keeping current with IA/IS requirements.
Lead the development of risk management by creating plans, procedures, protocols, and evaluation measures and ensuring that desired levels of enterprise-wide IA/IS are achieved.
Oversee the presence and adequacy of security measures proposed or provided in response to requirements contained in acquisition documents.

Qualifications:
Bachelor's degree in Information Technology or a relevant Cybersecurity field, and 7+ years of overall experience.
5+ years of experience working as a Risk, Information Assurance, or Information Systems Security Analyst.
Strong knowledge of the NIST Risk Management Framework (RMF) and security controls is required.
The candidate must have strong experience identifying and assessing third-party risks within On-Prem and Cloud environments. This candidate must understand the risk management process, risk mitigation, and risk tracking.
Hands-on experience creating ATO packages and maintaining continuous monitoring compliance in a large-scale enterprise environment is required.
Experience working with leading-edge technologies and innovative risk compliance and mitigation processes (automated monitoring, automated ATOs, etc.).
Must have strong communication skills, both oral and written, with excellent interpersonal, team and organization skills.
Must have strong knowledge of MS Office products, including PowerPoint, Word, Excel, and Outlook.
A self-starter with proven abilities to collaborate and gather information from multiple teams.
Certification in one or more of: Systems Security Certified Practitioner (SSCP), CompTIA Security+, CPTE - Certified Penetration Testing Engineer, CEH - Certified Ethical Hacker, or Certified Information System Security Professional (CISSP).
Demonstrable experience with Security Operation tools, inclusive of products from Splunk, SolarWinds, FireEye, Looking Glass, Intel, Endgame, StealthWatch, RSA, and Tanium.

Preferred Qualifications:
A current DoD Secret or higher clearance is highly preferred (with adjudication within the last 5 years).
Cloud (Microsoft Azure and Google Cloud Platform) and hybrid environment experience is preferred.
Candidates must be able to obtain a Postal Sensitive Clearance (US Citizenship or Green Card required).
Additionally, candidates must not have traveled outside of the USA for a combined period of more than 6 months within the last 5 years.