Cyber Security Delivery Lead

Cyber Security Delivery Lead

NEED USC

Location: DC; Lakemary, FL; Pittsburgh; NYC

10- 12 MONTHS contract with chances of ext/conversion

JD

- Possess deep understanding of the FedRamp High and National Institute of Standards and Technology (NIST) Risk Management Framework and supporting legislation such as the Federal Information System Modernization Act of 2014 (FISMA).

- Develop and maintain comprehensive security documentation required by FedRamp, including conductive frequent reviews and updates for continued accuracy.

- Ensures internal controls related to information risk management are effective and drive the review of continued compliance to FedRamp High requirements.

- Lead the Authority to Operate (ATO) processes for information systems.

- Demonstrate a breadth of knowledge of information risk management best practices and a thorough understanding of control and risk management concepts.

- Perform security control assessments, including establishing metrics and measures to assess security control effectiveness, and provide recommendations for any areas of improvement.

- Serve as the primary point of contact for all inquiries pertaining to audits, security documentation, and control compliance.

- Displays the ability to collaborate with team members (technical and non-technical) to ensure issues are addressed and relevant technical risk information is collected.

- Provide briefings on the ATO status, audit findings and remediations, and current control gaps.

- Contribute to reducing the likelihood of negative reputational and regulatory due to non-compliance with the Bank's information risk management policies and standards, including local procedures specific to the assigned business/business partner areas.

Identify and assess potential threats and vulnerabilities.

- Prepare and coordinate the evidence required for audits, including responding to any audit findings.