Job Description
- Minimum Qualification:
- Demonstrated 5 years or more experience leading cybersecurity risk management programs of 5 or more IT professionals
- Subject Matter Expert (SME) with NIST SP 800-37 Risk Management Framework, 800-60, 800-53, 800-171, FIPS199, FISMA, FedRAMP, NIST SP guidance and other federal cybersecurity-related policies, directives, and mandates (e.g., related OMB)
- Demonstrated experience with system/application security, risk management, third party management and risk remediation
- Demonstrated experience performing risk management activities developing and maintaining System Security Plans (SSPs), Risk Assessment and Recommendations (RARs), Plan of Action and Milestones (POA&M), and developing Executive level briefings
- Certification:
- International Information System Security Certification Consortium (ISC)2
- Certified Information Systems Security Professional (CISSP)
- ISACA's Certified Information Security Manager (CISM)
- High Qualification:
- 5+ years serving in Lead role (i.e., supervisory, program manager, etc.) managing tasks, schedules, resource allocation, and communication with key stakeholders, etc. (For Lead Senior ISSO only)
- 7+ years Subject Matter Expert (SME) with NIST SP 800-37 Risk Management Framework, 800-60, 800-53, 800-171, FIPS199 (and related OMB and NIST guidance)
- 7+ years' experience with system/application security, risk management, information assurance, third party management and risk remediation
- 7+ years performing risk management activities developing and maintaining System Security Plans (SSPs), Plan of Action and Milestones (POA&M), and developing Executive level briefings
- 3+ years' experience using the Cyber Security Assessment and Management (CSAM) tool
- Experience with Qmulos Q-Compliance
- 1+ years performance in the role as an ISSM
- Certification: Project Management Institute (PMI) Project Management Professional (PMP) certified