Risk Management Consultant

Risk Management Experience, Audit Experience, CISSP, Compliance Regulations
Contract W2, 1 year
Negotiable
Telecommuting not available Travel not required

Job Description

Please note that this is a 1 year contract position.

 

Job Description: The position is responsible for completing Governance Risk and Compliance (GRC) functions that entails security control implementation, continuous monitoring, and federal Assessment and Authorization (A&A) activities within Client. 

The following are the primary responsibilities: 
• Works closely with client to ensure operational security measures are implemented. 
• Assesses and mitigates system security risks; determines and analyzes security requirements for implementation and testing. 
• Reviews and continuously monitors implemented security controls. 
• Creates and maintains security checklists, templates and other tools to aid in the A&A process. 
• Performs security control assessment using NIST 800-53A guidance and as per continuous monitoring requirements. 
• Performs risk analyses to determine and recommends essential safeguards. 
• Proactively mitigates system vulnerabilities and recommends compensating controls. 
• Prepares security authorization packages in accordance with the client contractual requirements. 
• Develops core documents such as System Security Plan, Contingency Plan, Incident Response Plan, Standard Operating Procedures, Plan of Actions and Milestones, Remediation Plans, Configuration Management Plan, etc. 
• Maintains client-specific Plan of Action and Milestones and supports remediation activities. 
• Maintains an inventory of hardware and software for the information system. 
• Develops, tests and trains on Contingency and Incident Response planning. 
• Conducts independent scans of application, network and database and utilizes Managed Security Services Vulnerability Assessment Team (VAT) support as applicable. 

The ISSO operates as a trusted advisor in the organization, working with client management and focusing specifically on the security environment in relation to client business objectives. The ISSO helps to understand operational issues and plans the next steps in collaboration with Account ASOs from an information security viewpoint. The position will be able to demonstrate industry expertise and understanding of security governance and compliance. This position requires the ability to interact and influence at an organizational level to carry out governance, risk and compliance activities. 
Qualifications: • Must be able to be pass US Government Clearance processes - Secret Level or Public Trust 
• Education and Experience Required: 
- 5-7 years’ experience working in a risk management, audit, security or technical delivery role 
- Bachelor or master degree in Computer Science, Computer Studies, Information Security (or equivalent combination of education and experience) 
- Knowledge of the security countermeasures and overall RMF and NIST compliance regulations 
- Excellent and effective communication skills 
- Ability to work effectively in diverse, multi-national and virtual environments 
- Self-motivated and tenacious 
- Demonstrate sound judgment and integrity 

Preferred Skills: 
- Experience in overall Security Risk and Compliance initiatives 
- CISSP, CISM/CISA or CRISC a plus 
- Fluent in English 

Candidates must have all required skills/experience to be considered.

 

For consideration, please reference job number 1529. 

Posted By

San Francisco, CA

Contact
Dice Id : NETSO
Position Id : 1529
Have a Job? Post it

Similar Positions

Cyber Security Risk Expert
  • General Dynamics Information Technology
  • Washington, DC
Cyber Security Analyst
  • Gibbs & Cox, Inc.
  • Arlington, VA
Information System Security Officer
  • Softworld Inc
  • Washington, DC
Information System Security Officer (ISSO)
  • VariQ Corporation
  • Washington, DC
Security Risk Assessor & Vulnerability Management Analyst
  • Net ESolutions Corporation (NETE)
  • Rockville, MD
IT Security Architect
  • Experis
  • Washington, DC
Cyber Security Compliance Specialist
  • Redport Information Assurance
  • Washington, DC
Information Systems Security Officer
  • TistaTech
  • Washington, DC
Cyber Security Analyst
  • LongView International Technology Solutions, Inc.
  • Silver Spring, MD
Cyber Security Associate 3
  • Salient CRGT
  • Washington, DC
Technical Information Security Assurance Specialist
  • CyberData Technologies
  • Rockville, MD