VetJobs

VetJobs is hiring: GRC Cybersecurity SME - Washington DC in Washington

VetJobs, Washington, D.C., US


Job Description

ATTENTION MILITARY AFFILIATED JOB SEEKERS - Our organization works with partner companies to source qualified talent for their open roles. The following position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spouses, Wounded Warriors, and their Caregivers. If you have the required skill set, education requirements, and experience, please click the submit button and follow the next steps.

MindPoint Group is looking for a dynamic Senior Cybersecurity Subject Matter Expert in Governance, Risk, and Compliance.

Responsibilities:

- Serve as a trusted advisor to senior leadership up to the CISO and Deputy CISO as an expert in the field of information assurance and cybersecurity.
- Provide advisory support to the customer agency's needs and challenges such as maturing the Governance, Risk, and Compliance (GRC) program, improving the ATO process, responding to government-wide mandates, and developing or updating policies to close agency gaps and improve metrics.
- Continuously monitor for new federal guidance (e.g. BODs, mandates, etc.), perform research and assess impact, disseminate relevant information, and provide guidance to the customer and MPG team on relevant actions such as changes to agency policies and procedures.
- Review the agency's existing GRC processes and templates for quality and completeness and recommend changes as needed.
- Participate in the quality assurance process by reviewing the quality of team deliverable content and leading or participating in retrospectives to identify lessons learned and improvement opportunities.
- Lead executive briefings.
- Provide direction to and subject matter expertise in security control reviews, security audits, evaluations, and risk assessments of sensitive and complex operational systems and facilities, and provide recommendations for remediating detected vulnerabilities.
- Provide direction to and subject matter expertise in application or system security assessments, authorizations, and evaluations.
- Provide advisory support to the customer agency's plan to implement a Supply Chain Risk Management (SCRM) program.
- Provide the agency with guidance on policies, procedures, templates, and technologies to support the agency's program.
- Advise on the implementation of the Department's cybersecurity training program.
- Coordinate and lead cybersecurity initiatives that cut across teams and skillsets.
- Support specific technical reviews to support non-standard operational requirements and systems, including design, development, and maintenance of unique security assessment security tools and conducting assessments.

Certificates/Security Clearances/Other Desired:

- CISSP highly desired
- Clearance: US Citizenship, Public Trust eligibility required

Additional Qualifications/Responsibilities Required:

- Bachelor's Degree or an equivalent combination of formal education and experience.
- Bachelor's Degree may be substituted for 8 additional years of relevant experience
- Minimum 8 years of general experience and 6 years of relevant experience in functional responsibility
- Well-versed in cyber risk management and must have experience working with SDLC and performing security tasks throughout
- Experience with and working understanding of FISMA compliance, experience conducting all phases of Certification and Accreditation, and creating documentation in accordance with NIST guidance
- Well-versed with NIST publications, including NIST 800 series, OMB circulars such as OMB A-123 circular and OMB A-130 circular and memoranda
- CFO Act agency experience preferred
- Experience with FISMA, CIO, and OIG metrics preferred
- Strong analytical and organizational skills
- Strong communication skills and demonstrated experience interacting with senior leadership
- Concise writing skills

Desired:

- CISSP highly desired
- Understanding of and experience with CSAM is a plus

Clearance: US Citizenship, Public Trust eligibility required

Location: Hybrid (local Washington, DC preferred for the ability to attend customer meetings in-person, as needed)