Cybersecurity Risk Assessment Lead

2 weeks ago


Washington, United States Gunnison Consulting Group Inc Full time
Job Description

Gunnison Consulting is seeking a Cybersecurity Risk Assessment Lead to work in the Washington, DC area to support the Department of Health and Human Services' (HHS) cybersecurity mission of ensuring HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance the program to ensure HHS has the capability and capacity to respond to new and emerging requirements, technologies and threats.


The Cybersecurity Risk Assessment Lead will work with the HHS Office of Information Services (OIS) Cybersecurity Risk Management Branch federal client and the Cybersecurity Risk Management Project Manager in the development, coordination, and execution of Risk Assessments through HHS OpDivs/StaffDivs. The candidate must be able to lead a small team in support of a fast-paced and dynamic customer environment with broad impact to the customer's mission. The role requires a competent leader, self-starter, and strong problem solver who can identify/anticipate requirements and provide creative solutions to the team.

Location: Remote

Duties and responsibilities include:

  • Lead risk assessments, develop strategies to mitigate risks, identify potential vulnerabilities to the organization's IT infrastructure, and ensure compliance with industry regulations.
  • Create and utilize a Cyber Risk Register to aggregate and normalize the risks documented at the Department level.
  • Monitor and analyze emerging cyber threats and provide proactive solutions to mitigate risks.
  • Collaborate with cross-functional teams to implement and execute enterprise risk assessments.
  • Develop and maintain GRC risk assessment procedures.
  • Stay updated on the latest industry trends and technologies related to cyber risk management.
  • Communicate risk assessment findings and recommendations to senior management and stakeholders.
  • Maintain documentation of all risk management processes, procedures, and findings.
  • Monitor, track, and report assessment results for risk owners, and escalate risks to Senior Leadership.
  • Develop mitigation and corrective action plans with application/system owners.
  • Define expectations for assessments/re-assessments.
  • Communicate and collaborate with internal teams, stakeholders, and leadership.
  • Assist with tracking and remediation of vulnerabilities.
  • Recommend appropriate policy, standards, process, and procedural updates as part of comprehensive remediation solutions.
  • Develop and provide key risk metrics for the cybersecurity risk management program.
  • Develop and maintain documentation in support of audit reviews.

Required Qualifications:

  • Bachelor's degree and seven (7) or more years of related professional experience; Master's degree and three (3) or more years of related professional experience
  • 7+ years of project management experience as a government contractor
  • Proficient with Microsoft Products (Excel, Word, Project)
  • Strong presentation skills and ability to adapt to various customers, to include government and/or contractors
  • Inclination for critical thinking and analytical approaches to solving problems that are not readily defined and/or conflict with available information, with the ability to reach sound decisions quickly using systematic, multi-step approaches
  • Ability to resolve complex issues
  • Ability to work independently
  • Demonstrated knowledge of cybersecurity concepts and principles
  • Superior writing and communication skills
  • Industry-standard cybersecurity certification required (e.g. Security+, CISM)
  • CRISC certified or in-progress

Education Requirement: Bachelor's degree in Computer Science, Information Systems, Engineering or related field (or equivalent experience +5 years of experience)

Clearance Requirement: Ability to obtain and maintain a Public Trust.


Why Join Gunnison?

  • Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.
  • Quality is our top priority.
  • Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.
  • There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow.
  • We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.
  • We hire for careers at Gunnison, not to fill a position.

Employee Benefits

Gunnison employee benefits meet or beat other companies in the Washington, D.C. metropolitan area, including:

  • Bonuses AND profit-sharing
  • 401k Matching
  • Certifications and training allowance $2,500/year
  • 3 weeks of personal leave your first year (160 hours can roll over every year)
  • 5 days of Flex-Time-Off per year

Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.

In 1994 Gunnison Consulting Group began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects. By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could, the company has thrived for over 25 years.




