Contribute to or manage the development of a robust Risk Management Framework (RMF) package necessary to achieve and maintain a full, multi-year Authority to Operate (ATO) for multiple systems to include privacy documentation with minimal guidance.
Achieve operational targets with major impact on the RMF.
Create, establish, document, and refine the security controls, policies, procedures, and artifacts necessary to ensure applicable security requirements are met.
Document findings and improvement recommendations related to control deficiencies and develop recommendations for corrective action.
Develop assessment plans and coordinate with other members of the Risk Management team to ensure that security objectives are met and improved.
May lead others to solve complex customer problems and use sophisticated analytical thought to exercise judgement and identify innovative solutions.
Introduce and apply creative solutions to improve compliance of systems and technologies.
Ability to communicate findings and recommendations to cross-functional management and stakeholders.
Monitor and track corrective actions in the form of Plan of Action and Milestones (POA&Ms) to ensure that deficiencies are addressed in a timely manner.
Stay abreast of changes to NIST and FISMA guidance and incorporate these changes into the organizational RMF process.
Responsible for making moderate or significant improvements to organizational Interconnection Service Agreements.
What You Will Need:
BA/BS degree and minimum 6-8 years of working experience in Risk Management Framework practices as they relate to system security. Degree can be substituted with an additional 4 years of experience.
Experience supporting the Risk Management Framework and applicable guidance/requirements.
Experience with Cyber Security policies, FedRAMP and/or other US Government Assessment and Authorization (A&A) processes and procedures.
Proven experience with documenting required supporting artifacts to obtain and maintain an Authority To Operate.
Demonstrated strong knowledge of project management.
Clear understanding of network architecture.
Ability to conduct interviews with technical subject matter experts to gather information and assess compliance with controls.
Strong analytical skills and attention to detail.
Excellent written and verbal communication skills to communicate with key stakeholders, process owners, and customers to manage expectations, eliminate gaps, and ensure success.
Candidate must be a Permanent Resident or US Citizen
Must be able to pass the government background investigation
What Would Be Nice To Have:
Experience with Microsoft Office, specifically, Word, Excel, Teams, and PowerPoint.
Supporting Federal project
Professional security certification such as CIA, CISA, or CISSP a plus.
Experience working with commercial Cloud Service Providers a plus.
The annual salary range for this position is $99,000.00-$148,500.00. Compensation decisions depend on a wide range of factors, including but not limited to skill sets, experience and training, security clearances, licensure and certifications, and other business and organizational needs.
What We Offer:
Guidehouse offers a comprehensive, total rewards package that includes competitive compensation and a flexible benefits package that reflects our commitment to creating a diverse and supportive workplace.
Benefits include:
Medical, Rx, Dental & Vision Insurance
Personal and Family Sick Time & Company Paid Holidays
Parental Leave
401(k) Retirement Plan
Group Term Life and Travel Assistance
Voluntary Life and AD&D Insurance
Health Savings Account, Health Care & Dependent Care Flexible Spending Accounts
Transit and Parking Commuter Benefits
Short-Term & Long-Term Disability
Tuition Reimbursement, Personal Development, Certifications & Learning Opportunities
Employee Referral Program
Corporate Sponsored Events & Community Outreach
Care.com annual membership
Employee Assistance Program
Supplemental Benefits via Corestream (Critical Care, Hospital Indemnity, Accident Insurance, Legal Assistance and ID theft protection, etc.)
Position may be eligible for a discretionary variable incentive bonus
About Guidehouse
Guidehouse is an Equal Employment Opportunity / Affirmative Action employer. All qualified applicants will receive consideration for employment without regard to race, color, national origin, ancestry, citizenship status, military status, protected veteran status, religion, creed, physical or mental disability, medical condition, marital status, sex, sexual orientation, gender, gender identity or expression, age, genetic information, or any other basis protected by law, ordinance, or regulation.
Guidehouse will consider for employment qualified applicants with criminal histories in a manner consistent with the requirements of applicable law or ordinance including the Fair Chance Ordinance of Los Angeles and San Francisco.
If you have visited our website for information about employment opportunities, or to apply for a position, and you require an accommodation, please contact Guidehouse Recruiting at 1-{removed} or via email at {removed} . All information you provide will be kept confidential and will be used only to the extent required to provide needed reasonable accommodation.
Guidehouse does not accept unsolicited resumes through or from search firms or staffing agencies. All unsolicited resumes will be considered the property of Guidehouse and Guidehouse will not be obligated to pay a placement fee.
qualifications
Ability to Obtain Public Trust