Kaizen Lab Inc.

Cyber GRC (Governance, Risk, and Compliance) Specialist (085-23) New Orleans, LA

Kaizen Lab Inc., New Orleans, Louisiana, United States, 70123


Anglicotech (AT) is seeking an experienced Cyber GRC (Governance, Risk, and Compliance) Specialist. The Cyber GRC Specialist will be responsible for ensuring the cybersecurity and compliance of Mission Systems through comprehensive assessment and certification processes. You will play a critical role in evaluating and mitigating cybersecurity risks, ensuring adherence to legal requirements, regulations, and industry standards, and supporting the Coast Guard's mission to safeguard the nation's waterways. This position requires a strong understanding of cybersecurity principles, risk management, and compliance frameworks.

Responsibilities:

Project Planning and Execution

Cybersecurity Assessment: Conduct thorough cybersecurity assessments of the C5I System to identify vulnerabilities, assess risks, and determine compliance with relevant regulations, policies, and frameworks.

Compliance Management: Ensure the Mission System complies with cybersecurity standards and regulations such as NIST (National Institute of Standards and Technology) Cybersecurity Framework, Risk Management Framework (RMF), Federal Information Security Management Act (FISMA), and US DoD and Coast Guard cybersecurity policies.

System Certification: Lead the certification process for the Mission System, including preparing documentation, coordinating with stakeholders, conducting risk assessments, and facilitating authorization and accreditation (A&A) efforts.

Risk Management: Identify, assess, and prioritize cybersecurity risks associated with the Mission System, develop risk mitigation strategies, and collaborate with stakeholders to implement appropriate security controls.

Vulnerability Management: Monitor and evaluate system vulnerabilities, security patches, and updates, ensuring timely remediation and maintaining an up-to-date system security posture.

Security Awareness and Training: Develop and deliver cybersecurity awareness and training programs to Mission System users, promoting a culture of cybersecurity awareness and adherence to best practices.

Incident Response and Recovery: Support incident response efforts by assisting in the investigation, containment, and recovery from cybersecurity incidents affecting the Mission System.

Documentation and Reporting: Prepare and maintain comprehensive documentation, including information assurance plans, security plans, risk assessment reports, system authorization packages, and compliance reports.

Collaboration and Communication: Collaborate with cross-functional teams, system engineers, architects, IT personnel, and external stakeholders to address cybersecurity concerns, provide guidance on security controls, and facilitate effective communication.

Industry Trends and Best Practices: Stay up-to-date with the latest cybersecurity trends, emerging threats, and industry best practices, ensuring the Mission System remains resilient and compliant.

Requirements:

Extensive experience (5+ years) in cybersecurity, risk management, and compliance, with a focus on system certification and accreditation.

Strong knowledge of cybersecurity frameworks, such as NIST Cybersecurity Framework, RMF, and FISMA.

Familiarity with Coast Guard and Department of Defense (DoD) cybersecurity policies and guidelines.

Experience with conducting cybersecurity assessments, risk analysis, and vulnerability management.

Knowledge of system certification and authorization processes, including A&A, and familiarity with relevant tools such as eMASS (Enterprise Mission Assurance Support Service).

Solid understanding of network security principles, secure system configurations, encryption technologies, and assurance of industrial networks.

Excellent analytical and problem-solving skills, with the ability to assess complex system architectures and identify potential vulnerabilities and risks.

Strong written and verbal communication skills, with the ability to convey complex cybersecurity concepts to technical and non-technical stakeholders.

Ability to obtain and maintain a security clearance at the Secret level.

Education and Experience:

Bachelor's or Post Graduate degree in cybersecurity, computer science, or a related field. Relevant certifications such as CISSP (Certified Information Systems Security Professional), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are preferred.
