Position: Lead Compliance Specialist
Location: Washington, DC(Hybrid)
Duration: Long Term
Job Description:
The Lead Compliance Specialist is responsible for the SAMHSA Information Security Program Plan, Risk Management Framework execution, Security Assessment and Authorization (SA&A) workflow, FISMA reporting cadence, policy development and lifecycle management, and privacy program governance. This position serves as the Government's primary technical liaison on compliance matters and is the principal author of FISMA monthly, quarterly, and annual reports; the SAMHSA Information Security Program Plan; the NIST CSF Implementation Plan; SA&A authorization packages; and the Privacy program artifacts (PIA, SORN, PTA, TPWA, Privacy Act clearance reviews). Note: This Key Personnel position is filled from SAIC under the prime/sub teaming arrangement IF the kickoff-deck workshare allocation places PWS Tasks 5.1, 5.2, 5.3, 5.4, 5.5, 5.6, and 5.8 with SAIC. Confirm with BD Lead before sourcing.
Mandatory Qualifications
Minimum five (5) years cybersecurity experience with progressive responsibility.
Solid working understanding of FISMA, NIST publications (SP 800-53 Rev 5, SP 800-37 Rev 2, SP 800-137, SP 800-161 Rev 2), and federal privacy laws including the Privacy Act of 1974 and HIPAA.
Demonstrated experience processing Privacy Impact Assessments (PIAs) and System of Records Notices (SORNs) through the federal lifecycle (PTA > PIA > SORN publication in the Federal Register).
Demonstrated experience as principal author of FISMA reports submitted to a federal CIO/CISO at the agency or sub-agency level.
Experience with federal authorizing official engagement and ATO authorization package development.
Preferred Qualifications
Direct experience supporting an HHS Operating Division (OpDiv) or Staff Division (StaffDiv)
Experience with HHS Privacy Compliance Officer (PCO) or Senior Agency Official for Privacy (SAOP) coordination
Experience with FedRAMP-authorized cloud environments and shared-responsibility model assessments
Familiarity with OMB privacy memoranda (M-17-12, M-22-09, M-24-04, M-24-10) and Executive Orders 14144 and 14306
Experience with continuous ATO (cATO) implementation and OSCAL machine-readable artifact production
Baltimore Cyber Range (BCR) Cybersecurity Technical Proficiency
Required Certifications (mandatory unless noted)
MANDATORY ONE OF: CISSP, CAP, Security+, CISM, GSEC, OR equivalent (DoD 8570 IAT Level II or higher; COR-approved equivalents permitted)
Active or recent Public Trust suitability
Recruiting Submission Checklist
Resume in TGI federal proposal format (chronological work history, certifications, education, security clearances, federal experience flag)
Signed Letter of Commitment (using template in Section 4 of this document)
Verified copies of required certifications (e.g., CISSP, CAP, CISM)
Public trust suitability status if currently held; HSPD-12 readiness statement if not
Contact information for two professional references (federal supervisors preferred)
Confirmation of availability within 30-day Transition-In window
Best Regards,
Ashok Kumar
Sr. Talent Acquisition Specialist
Email:
Web: ;br /> 4229 Lafayette Center Dr, Suite 1880, Chantilly, VA 20151
Never miss an opportunity! Create an alert based on the job you applied for.
