Guidehouse
HVA Assessment Lead Management Consultant
Guidehouse, Washington, DC
Job Family:
Cyber Consulting
Travel Required:
Up to 10%
Clearance Required:
Active Secret
What You Will Do:
Guidehouse is seeking a Managing Consultants who will own client engagements from cultivation to completion. In this role, you will be accountable for the activities of an Assessment Team and lead the planning and execution of High Value Asset (HVA) Cybersecurity Assessments on the federal government's most critical systems across. You will lead the execution of HVA assessments which include penetration testing services using a variety of tactics, techniques, and procedures to identify exploitable vulnerabilities in networks and systems while also measuring compliance with organizational security policies, testing whether staff are aware of security issues, and ultimately determining the organization's risk to cybersecurity threats.
What You Will Need:
What Would Be Nice To Have:
The annual salary range for this position is $125,600.00-$188,400.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at [redacted] or via email at RecruitingA[redacted]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.
Cyber Consulting
Travel Required:
Up to 10%
Clearance Required:
Active Secret
What You Will Do:
Guidehouse is seeking a Managing Consultants who will own client engagements from cultivation to completion. In this role, you will be accountable for the activities of an Assessment Team and lead the planning and execution of High Value Asset (HVA) Cybersecurity Assessments on the federal government's most critical systems across. You will lead the execution of HVA assessments which include penetration testing services using a variety of tactics, techniques, and procedures to identify exploitable vulnerabilities in networks and systems while also measuring compliance with organizational security policies, testing whether staff are aware of security issues, and ultimately determining the organization's risk to cybersecurity threats.
- Serve as the Assessment Lead and responsible for overall assessment execution and guidance of technical and operator team members.
- Develop executive-focused Assessment Report sections.
- Develop current state security architecture diagrams.
- Lead the communication with senior executives and stakeholders on assessment requirements.
- Lead technical interviews with system stakeholders to determine if risks to the HVA are identified, evaluated, and managed.
- Lead the documentation of Rules of Engagement to guide the scope, develop test plan, and assist with acquiring management approval.
- Lead Penetration Team Operators to perform network mapping and reconnaissance, internal and external Testing including Red Team testing activities that focus testing activity towards accessing specific target datasets. Testing methodology should include crafted e-mails, custom public websites, exploit code, and social engineering.
- Analyze test results, develop a report on discovered vulnerabilities, and provide risk-based recommendations to remediate those vulnerabilities.
- Confirm all deliverables are completed and meet expected quality standards.
- Manage cybersecurity or HVA Program to ensure compliance with regulatory requirements and mitigate cyber risks to systems
What You Will Need:
- An ACTIVE and MAINTAINED SECRET Federal or DoD security clearance
- Bachelor's Degree
- FIVE (5) or more years' of experience related to Cybersecurity Risk Assessment or Cybersecurity Program Management or HVA Assessment and/or HVA Program Management
What Would Be Nice To Have:
- An ACTIVE and MAINTAINED TOP SECRET Federal or DoD security clearance preferred
- One of the following certifications: Offensive Security Certified Professional (OSCP) or GIAC Penetration Tester (GPEN) or Certified Ethical Hacker (CEH) Certification, CISSP.
- Excellent oral and written communication and presentation skills.
- Communicates effectively and demonstrates leadership role with clients and fellow team members.
- Experience managing direct client engagement team to deliver impactful support to Federal clients.
- Experience developing and maintaining working relationships while serving Federal clients onsite.
- Ability to identify obstacles and opportunities that impact the success of plans or initiatives.
- Previous passing of the CISA AES HVA Assessment or ability to pass the CISA AES HVA Assessment course.
- Experience supporting US government cybersecurity programs.
- CISSP or CISM certifications.
- PMP Certification.
- Experience with managing/supporting and/or knowledge of cybersecurity or high value asset program, and Security Architecture Review.
- Certified CISA AES HVA Assessment Lead with experience conducting HVA assessments or performing Risk and Vulnerability Assessments.
- Knowledge of Cybersecurity Framework, Risk Management, NIST 800-83 Rev 5.
The annual salary range for this position is $125,600.00-$188,400.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
- Medical, Rx, Dental & Vision Insurance
- Personal and Family Sick Time & Company Paid Holidays
- Position may be eligible for a discretionary variable incentive bonus
- Parental Leave and Adoption Assistance
- 401(k) Retirement Plan
- Basic Life & Supplemental Life
- Health Savings Account, Dental/Vision & Dependent Care Flexible Spending Accounts
- Short-Term & Long-Term Disability
- Student Loan PayDown
- Tuition Reimbursement, Personal Development & Learning Opportunities
- Skills Development & Certifications
- Employee Referral Program
- Corporate Sponsored Events & Community Outreach
- Emergency Back-Up Childcare Program
- Mobility Stipend
About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at [redacted] or via email at RecruitingA[redacted]. All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.