GRC Compliance Officer

Mid-Level GRC Compliance Officer

Required (without the following, your profile will be rejected, please don't apply if you don't have the following)

• Active Public Trust Clearance
• Certified in industry recognized areas such as CISSP or CISM or CAP

Task Description:
This role is expected to have expertise in the NIST RMF process, security controls, system security plan (SSP) development and publishing of system security artifacts. The lead ISSO monitors daily squad scrums, daily scrum of scrums and semi-weekly update to leadership for actions required. This role provides Information Assurance subject matter expertise and translates security needs into technical solutions.
Required skills/Level of Experience:

• Conduct NIST Information Assurance Control Assessment 5 or more years' experience
• NIST Risk Management Framework (RMF) 5 or more years' experience
• Vulnerability compliance and remediation reporting 5 or more years' experience
• Maintain System Plan of Action and Milestones (POA&M) 5 or more years' experience
• Governance, Risk, & Compliance (GRC) Applications (e.g. Xacta, Archer, CSAM or eMASS) 3 plus Years Experience
• U.S. Citizenship

Nice to have skills:

• Tenable or TrendMicro or QRadar tools and reports - 3 plus Years experience
• System Development Lifecycle (exposure)
• Azure or AWS (exposure)
• Project Planning (exposure)