DMI (Digital Management, LLC.) is a global technology solutions company that specializes in digital strategy, design, transformation and support. Utilizing expertise from six unique DMI Groups, in the areas of AI & Analytics, Commerce, Experience, Managed Services, Transformation, and Government, DMI delivers intelligent digital transformation solutions that meet organizations where they are. Born digital, DMI has been delivering mission-critical, enterprise grade solutions since 2002 for over a hundred Fortune 1000 enterprises and all fifteen U.S. Federal Departments. DMI has grown to 2,000+ employees globally and has been continually recognized by top industry analysts as market leader as well as a Top Place to Work by the Washington Post. DMInc.com | Careers | Twitter | LinkedIn | Facebook About the Opportunity
DMI (Digital Management, LLC.) is looking for a Project Lead
with background experience in compliance security assessment functions. The Project Lead will be responsible for planning, tasking, monitoring, and controlling, and successful closure of security assessment efforts for assigned state of Maryland government agencies. This role will be responsible for performing the following tasks: Duties and Responsibilities:
Qualifications Education and Years of Experience:
- Serve as the Team lead for security assessment project teams.
- Assess assigned security assessment project tasks and milestones and allocate tasking and responsibilities of team members according to their respective strengths.
- Perform daily checks on outstanding project tasks keep the team on track to complete milestones accordingly.
- Clarify issues or questions for team members facilitate obtaining the necessary support to remove roadblocks.
- Provide clarification to agencies stakeholders questions to ensure successful assessment outcomes.
- Provide feedback to Project Manager on performance issues and improvements on implemented security assessment approaches, processes, procedures, methodologies etc.
- Provide technical guidance and mentoring to project team members.
- Tactically navigate stalemate situations to manage competing interests and priorities among stakeholders.
- Assess and understand at a high-level organization mission, goals, and objectives and relate cyber security principles and requirements to the mission.
- Assess/audit and understand organization security objectives for mission support capability areas as captured in security policies, directives, orders, and underpinning legal and regulatory requirements i.e., Access Management, Incident Response, Identity Management, Asset Management.
- Analyze and map management, operational, and technical security controls to mission support capability areas and develop assessment session talking points.
- Assess/audit and understand organization management/operational plans, processes, procedures, standards, and guidelines to determine their level of alignment in support of objectives outlined in security policies, directives, and orders.
- Assess/audit and organization technical security controls and determine their alignment in support of objectives outlined in security policies, directives, and orders.
- Translate and explain cyber security principles and technical security requirements to non-technical stakeholders to facilitate understanding implementation and maturity of management, operational, and technical security controls, based organization mission objectives outlined in security policies, directives, orders, and standards.
- Identify body of evidence/artifacts required to support implementation and maturity of management, operational, and technical security controls i.e., Policies, plans, process, procedures, guidelines, standards, and system architecture, design, and configuration documents, service and change control tickets, logs, reports, formal and informal communication artifacts.
- Analyze assessment feedback and body of evidence/artifacts and identify maturity of controls and residual operating risks, based on organization mission objectives outlined in security policies, directives, orders, and standards.
- Communicate assessment/audit risk findings and mitigations to technical and non-technical stakeholders.
- Identify, monitor, and communicate to the Project Manager task performance risks, issues, problems, and develop and implement mitigations or request assistance needed.
- Provide support developing and maintaining security assessment practice documentation i.e., Polices, plans, processes, procedures, guideline, standards, methodologies, report templates, questionnaire templates.
Required Knowledge, Skills/Certifications, and Abilities
- At least five (5) years of experience security assessment projects and project teams.
- At least eight (8) years of hands-on experience performing security assessments.
- Bachelor's degree from an accredited college or university with a major in Computer Science, Information Systems, Cybersecurity, or related discipline.
Desired Knowledge, Skills/Certifications, and Abilities:
- Excellent written and oral communication, and presentation skills
- Ability to facilitate security assessment sessions/interviews/data calls, ensuring that technical requirements are communicated clearly to agency stakeholders.
- Self-starter, able to assess, plan, assign, and monitor/execute security assessment project task ensuring successful closure.
- Customer-oriented with excellent issue follow-through and resolution abilities.
- Ability to develop, motivate, and manage project teams.
- Outstanding interpersonal skills, strong work ethic, and self-motivated.
- Able to perform gap analysis and initiate process, procedure, methodology improvements.
- Utilize tools and analytical skills to plan and execute tasks.
Min. Citizenship Status Required
- CISSP, or CISA, or CISM, or CRISC, or CAP, or relevant industry security certifications
- PMP or relevant industry project management certifications
- Experience with relevant laws and regulations: FISMA, HIPAA, HITECH, IRS, GDPR etc.
- Experience with any of the following security controls frameworks: NIST SP 800-53 Rev 4, SANS 20 Critical Security Controls, CIS Controls (Basic, Foundational, and Organizational), COBIT 5, HITRUST Common Security Framework, ISO 27001/2, SOC 1/SOC 2
- Experience with any of the following assessment frameworks/models: Data Management Maturity Model (DMM), Capability Maturity Model Integration (CMMI), NIST Cyber Security Framework (CSF), NIST Risk Management Framework (RMF), NIST Privacy Framework
: US Citizen Location
: Baltimore, MD area or Remote (but must be Eastern Standard Time Zone) Physical Requirements:
N/A Working at DMI
DMI is a diverse, prosperous and rewarding place to work. Being part of the DMI family means we care about your wellbeing. As such, we offer a variety of perks and benefits that help meet various interests and needs, while still having the opportunity to work directly with a number of our award winning, Fortune 1000 clients. The following categories make up your DMI wellbeing:
- Community - Blood drives, volunteering opportunities, Holiday parties, summer picnics, Tech Chef, Octoberfest just to name a few ways DMI comes together as a community.
- Convenience/Concierge - Virtual visits through health insurance, pet insurance, commuter benefits, discount tickets for movies, travel and many other items to provide convenience.
- Development - Annual performance management, continuing education and tuition assistance, internal job opportunities along with career enrichment and advancement to help each employee with their professional and personal development.
- Financial - Generous 401k match for both pre-tax and post-tax (ROTH) contributions along with financial wellness education, EAP, Life Insurance and Disability help provide financial stability for each DMI employee.
- Recognition - Great achievements do not go unnoticed by DMI through Annual Awards ceremony, service anniversaries, peer-to-peer acknowledgement through Give-A-Wow, employee referral bonuses.
- Wellness - Healthcare benefits, Wellness programs, Flu Shots, Biometric screenings, on-site lactation rooms provide employees with several wellness options.
Employees are valued for their talents and contributions. We all take pride in helping our customers achieve their goals, which in turn contributes to the overall success of the company.
The company does and will take affirmative action to employ and advance in employment individuals with disabilities and protected veterans, and to treat qualified individuals without discrimination on the basis of their physical or mental disability or veteran status. DMI is an Equal Opportunity Employer Minority/Female/Veterans/Disability. DMI maintains a drug-free workplace.
***************** No Agencies Please *****************
Applicants selected may be subject to a government security investigation and must meet eligibility requirements for access to classified information. US citizenship may be required for some positions.