Cybersecurity Compliance Team Lead

Company: Copper River IT
Location: Rockville
Posted on: January 10, 2022

Job Description:

Join our family of companies and let us invest in your career and personal development! -At TACG, your growth is our success. As an employee, you will have access to education and training benefits and work/life balance through our Open Leave Policy. Your health is most important, so you'll be "covered" with medical, dental and vision insurance. We offer immediate vesting with 401k matching, don't delay and apply today! -We are a seeking a Cybersecurity Compliance Team Lead to provide continued mission critical support to our client, and provide steward mentorship to current staff members while executing the mission.

• Review existing Agency security documentation, perform interviews of key personnel, and review technical control implementations of the existing Cloud environments and FISMA on prem environments
• Collaborate with 3PAO's to prepare application materials demonstrating that the organization meets both technical competence in security assessment of cloud systems and management requirements for organizations performing inspections
• Review and assess security assessment plan to include a comprehensive set of procedures for assessing the effectiveness of security controls implemented in on premises applications and cloud environments and enabling more consistent, comparable, and repeatable assessments of security controls customized for cloud applications
• Develop security assessment reports to include all the assessment results and assigned mitigation strategy for each risk; perform analysis on each finding to promote a better understanding of the risks to organizational operations; organizational assets, and individuals
• Develop NIST / FISMA / FedRAMP SA&A documentation for systems and networks undergoing certification and validate the quality of deliverables produced by the team
• Assess risks, identify mitigation requirements and develop accreditation recommendations; be responsible for tracking SA&A requirements for assigned systems within the agency and validate that tasks are on schedule, and ensure the delivery of quality documentation
• Assist in the creation of SA&A packages with the responsibility for gathering information from system owners, applying data to the appropriate templates, and attending meetings in support of the effort
• Assist in responding to requests for information from OMB A-123, FISMA, GAO, and external auditors. Follow Agency procedures to gather and track information
• Develop and implement information assurance/security standards and procedures
• Coordinate, develop, and evaluate security programs for an organization; recommends information assurance/security solutions to support customers' requirements
• Actively participate in client discussions and meetings
  Education:

  • Bachelor of Science in Computer Science, Information Security, Management Information Systems, Computer Information Systems or Engineering or other related fields
  • Required Knowledge/Experience:
    • Seven plus (7+) years Information Assurance experience
    • Seven plus (7+) years of working experience in security related field
    • Security +, CISSP, CCSK, SANS, ISC2, or other relevant certification
    • Experience in developing and implementing Information Assurance plan for a new information system development effort
    • Excellent problem solving skills and strong attention to detail
    • Ability to work effectively in a rapidly changing, team-based environment
    • Excellent communication and collaboration skills with business and technical communities
    • Working knowledge of a structured modeling technique (e.g., BPMN, IDEF, UML, etc.)
    • Proficient in Microsoft Office suite
    • All candidates subject to a full background check
    • Experience in technical writing/editing of IT Security materials
    • Experience working with Federal Agencies
    • Conducting FedRAMP Readiness Assessments and reviewing ATO packages for FedRAMP Cloud environments
    • Experience implementing NIST 800-53 rev.4 security controls in a FedRAMP Cloud environment for the Federal Government
    • Experience with Cloud Architecture requirements necessary to provide public, private, or hybrid Cloud services
    • Designing security architecture solutions within Cloud Service Provider environments (e.g. AWS, Azure)
    • Experience and Competency with RSA Archer, or similar GRC tool
    • Ability to work in a fast-paced, demanding environment
    • Excellent organizational skills and strong attention to detail
    • Ability to prioritize duties based on shifting demands
    • Prior team lead/mentoring experience to junior staff
    • Strong analytical and problem-solving skills
    • Excellent verbal and written communication skills
      -

      • Perform other tasks consistent with the goals and objectives of the department/contract
      • Perform other duties as assigned
      • Must comply with all federal COVID-19 related vaccination and testing requirements, including, but not limited to, those set out in Executive Order 14042Disclaimer: -The above statements are intended to describe the general nature and level of work performed by employees assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties and skills required of personnel so classified.EEO/AA Employer Minorities/Females/Vets/Disability

Keywords: Copper River IT, Rockville , Cybersecurity Compliance Team Lead, Other , Rockville, Maryland