Risk Management Project Director
3 weeks ago
We are seeking a motivated and customer-oriented professional to support our HHS client.
Location:
Remote
Duties and responsibilities include:
Provide strategic leadership to the enterprise cybersecurity risk management task area of the Cybersecurity Support Services (CSS) program at the Department of Health and Human Services (HHS).
Provide strategic leadership of activities required under Circular A-123,
Management Responsibility for Internal Controls , as well as those under the
Federal Managers Financial Integrity Act of 1982,
improving accountability and effectiveness of federal programs and operations.
Manage communication between contract support, federal leads, and the HHS Risk Branch Chief regarding personnel, processes, contract deliverables, etc.
Conduct assessments to determine the likelihood and potential impact of identified risks in each program area.
Anticipate and identify risks associated with risk program areas, develop and recommend risk mitigation plans to minimize the impact of identified risks, and work with HHS to implement changes to mitigate risks and improve overall HHS risk posture.
Work with Risk Team Leads to mature HHS Risk area programs and processes.
Provide leadership and guidance to the Risk Team, fostering a culture of risk awareness and accountability.
Continuously evaluate and improve HHS' risk management processes, tools, and methodologies based on industry best practices and lessons learned.
Ensure that risk management practices comply with relevant regulatory requirements and industry standards.
Support additional activities under other task areas of the contract, as directed by the CSS Program Manager.
Required Qualifications
:
Understanding of risk-related guidance from the National Institute of Standards and Technology (NIST); particularly Special Publication 500, 800, and 1800 series, as well as Interagency or Internal Reports (NISTIRs) and related artifacts.
Identifying factors and circumstances that may influence or lead to the formation of risks, issues, and opportunities.
Eliciting risks, issues, and opportunities from historical references, technical documentation, business processes, and U.S. Government-approved interview techniques, such as prompt lists and dipstick queries.
Experience defining and explaining risks, issues, and opportunities from a:
Threat-centric approach.
Control-centric approach.
Vulnerability-centric approach.
Experience performing all steps of the NIST Risk Management Framework (RMF).
Experience with both identifying and modeling threats.
Excellent verbal and written communication required.
Desired Qualifications:
Performing enterprise risk assessments.
Performing enterprise risk analyses (qualitative, quantitative, and semi-quantitative).
Performing issue and opportunity impact assessments and analyses.
Performing privacy threshold assessments (PTAs) and privacy impact analyses (PIAs).
Evaluating and comparing mitigations (including cost/benefit and time/resource evaluations).
Performing analyses of alternatives (AoAs).
Familiarity (prefer experience) with multi-layer and multi-dimensional relationships between specific and enterprise risks, issues, and opportunities, as described in ISO 31000, the 7 imperatives of Continuous Adaptive Risk and Trust Assessment (CARTA), the COSO Cube
, and (ISC)2.
Working familiarity with U.S. Government approved mitigation approaches.
Experience as an Information System Security Officer (ISSO) and/or a Security Control Assessor (SCA).
Performing physical facility risk, issue, and opportunity (RIO) walkthrough inspections.
Developing taxonomies to clarify the policy-level relationship between traditional GRC and privacy.
Procedure development and process improvement, such as ITIL, Lean, Six Sigma, and CMMI.
The following certifications and training are preferred:
Project Management Professional (PMP)
Certified Risk Manager (CRM) or Certified Risk Management Professional (CRMP)
Completion of U.S. Government authorized RMF training, either:
Introduction to the RMF , from the Center for Development of Security Excellence (CDSE), Defense Counterintelligence and Security Agency;
or
RMF for Systems and Organizations Introductory Course - Version 2 , from NIST.
Certified Authorization Professional (CAP), Certified Information Systems Security Professional (CISSP), and/or Certified Cloud Security Professional (CCSP)
Education Requirement:
Bachelor's degree in business administration, Cybersecurity, or related field required
Clearance Requirement
: Ability to obtain and maintain a Public Trust.
Why Join Gunnison?
Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.
Quality is our top priority.
Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.
There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow.
We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.
We hire for careers at Gunnison, not to fill a position.
Employee Benefits
Gunnison employee benefits meet or beat other companies in the Washington, D.C. metropolitan area, including:
Bonuses AND profit-sharing
401k Matching
Certifications and training allowance $2,500/year
3 weeks of personal leave your first year (160 hours can roll over every year)
5 days of Flex-Time-Off per year
Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.
In 1994 Gunnison Consulting Group began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects.
By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could
, the company has thrived for over 25 years.
#J-18808-Ljbffr
-
Project Manager
1 month ago
Washington, United States Voter Education Project Full timeSTRATEGIES FOR CHANGE GROUP WHO WE ARE: Since 2013, Strategies For Change Group has combined insightful advice with meaningful involvement to effect real change in communities. Our expertise spans business-to-business engagement, phone banking programs, peer-to-peer texting, and canvassing initiatives. As a minority-owned and operated firm, SFCG has engaged...
-
Project Manager
1 month ago
Washington, United States Civics Education Project Full timeJob DescriptionJob DescriptionSTRATEGIES FOR CHANGE GROUP WHO WE ARE: Since 2013, Strategies For Change Group has combined insightful advice with meaningful involvement to effect real change in communities. Our expertise spans business-to-business engagement, phone banking programs, peer-to-peer texting, and canvassing initiatives. As a minority-owned and...
-
Project Manager
1 month ago
Washington, United States Voter Education Project Full timeJob DescriptionJob DescriptionSTRATEGIES FOR CHANGE GROUP WHO WE ARE: Since 2013, Strategies For Change Group has combined insightful advice with meaningful involvement to effect real change in communities. Our expertise spans business-to-business engagement, phone banking programs, peer-to-peer texting, and canvassing initiatives. As a minority-owned and...
-
Cyber Risk Management Project Manager
4 weeks ago
Washington, United States Gunnison Consulting Group Inc Full timeJob DescriptionJob DescriptionGunnison Consulting is seeking a Cybersecurity Risk Assessment Lead to work in the Washington, DC area to support the Department of Health and Human Services' (HHS) cybersecurity mission of ensuring HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging...
-
Cyber Risk Management Project Manager
1 month ago
Washington, United States Gunnison Consulting Group Inc Full timeJob DescriptionJob DescriptionGunnison Consulting is seeking a Cybersecurity Risk Assessment Lead to work in the Washington, DC area to support the Department of Health and Human Services' (HHS) cybersecurity mission of ensuring HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging...
-
Cyber Risk Management Project Manager
1 month ago
Washington, United States Gunnison Consulting Group Inc Full timeGunnison Consulting is seeking a Cybersecurity Risk Assessment Lead to work in the Washington, DC area to support the Department of Health and Human Services' (HHS) cybersecurity mission of ensuring HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance...
-
Project Manager
1 month ago
Washington, United States LexisNexis Risk Solutions Group Full time** Project-Program Management Project Manager - Public Safety Service Delivery** * Brand: LexisNexis Risk Solutions * Location: Washington, District of Columbia, United States of America **Job Overview** The Public Safety Service Delivery Project Manager position is within the Government Service Delivery organization. This role provides project management...
-
Risk Management Officer
1 month ago
Washington, United States National Park Service Full timeSummary This position is located in Visitor and Resource Protection, in the Office of Risk Management Division. The National Park Service's Office of Risk Management (ORM) provides management direction, policy, oversight, and technical assistance for a variety of national programs relating to employee and visitor safety. The Chief, Office of Risk...
-
Fraud Risk Assessment Project Manager
7 days ago
Washington, United States iTech Solutions Full timeDescription: Essential Duties Ensure all deliverables meet both project scope and project owner expectations; Provide guidance and direction to the project team; Responsible for the timeliness and budget of all work activates and project deliverables; Lead the project kick-off meeting, milestone status meetings, and deliverable review meetings; Interface...
-
Project Manager
3 weeks ago
Washington, United States APSI Construction Management Full timeResponsibilities: Project Manager will provide leadership and mentorship and decisive guidance and direction in regard to the management of technical aspects of engineering related to building structures. Project Manager will be responsible for the overall management, in terms of technical quality, cost and schedule and will lead a diverse team of...
-
Project Manager 2
3 days ago
Washington, United States Federal Management Systems, Inc. Full time**Job Overview**: **Duties**: by the PB-ITS and ancillary support to other PBS offices, including regional offices - Provide project management support for Building, Monitoring, and Control (BMC) systems, Smart Building technologies, program implementation, documenting the inventory of business systems, as well as network design architecture. This support...
-
Project Manager
2 hours ago
Washington, United States PC Network Full timeThe Project Manager is responsible for overseeing the complex bulk badge roll out project that Corporate Security has responsibility for. The selected individuals will be required to work with the Director of Capital Projects, administrative assistances, employee customer base and other staff members to successfully rebadge nearly 6,000 employees. The...
-
Communications Director
2 weeks ago
Washington, United States The Hub Project Full timeCommunications Director Reports to: Senior Campaign Director Location: Washington, DC (Hybrid) Status: Full-time, Exempt Salary Range: $105k to $125k About The Hub Launched in 2016, The Hub is a nonprofit effort made up of a growing team of communications, research, and organizing experts with extensive experience in campaign strategy, digital, polling, and...
-
Director of Risk Management
2 weeks ago
Port Washington, United States Ansay & Associates Full timeThis role will report directly to the EVP, with a matrix reporting obligation to the Chief Development Officer regarding carrier-related matters such as (but not limited to) loss data for contingency revenue, loss ratio performance metrics, claim disputes, and significant claims. Essential Duties and ResponsibilitiesManage and Report on loss data for...
-
IT Project Manager
1 month ago
Washington, United States Federal Emergency Management Agency Full timeSummary This position is within the DHS, FEMA, Office of Response and Recovery, Logistics Management Directorate, Logistics Systems Division, Information Tech Support Branch located in Washington DC. The ideal candidate for this position will be a expert on providing technical advice, guidance, and recommendations to management and other technical...
-
Field Director
1 month ago
Washington, United States Voter Education Project Full timeAbout Us: Voter Education Project is a dynamic and forward-thinking consulting firm dedicated to driving positive change in our community. We are seeking a motivated and experienced Field Director to oversee and coordinate our grassroots organizing efforts. As a Field Director, you will play a pivotal role in mobilizing supporters, building strategic...
-
Cybersecurity Project Manager
4 weeks ago
Washington, United States SAIC Full timeJob ID: 2405870 **Location**:WASHINGTON, DC, US **Date Posted**:2024-04-24 **Category**:Program Management **Subcategory**:Project Analyst **Schedule**:Full-time **Shift**:Day Job **Travel**:No **Minimum Clearance Required**:None **Clearance Level Must Be Able to Obtain**:Public Trust **Potential for Remote Work**:No **Description** Our team is...
-
Senior Risk Management Analyst
4 weeks ago
Washington, Washington, D.C., United States ASRC Federal Holding Company Full timeASRC Federal AFSS is a premier provider of systems engineering, software engineering, system integration and project management services for real-time, mission-critical defense systems. We are seeking a Senior Risk Management Analyst to support a NASA contract in Greenbelt, MD.Responsibilities:Seeking an experienced senior-level Risk Management Analyst to...
-
Enterprise MF Risk
4 weeks ago
washington, United States Fannie Mae Full timeJob Description As a valued colleague on our team, you will contribute to assessing and identifying potential risks that may threaten our reputation, safety, security, and/or financial success, as well as collaborate with team in communicating and collaborating with key stakeholders across the enterprise, and understanding business objectivesTHE IMPACT YOU...
-
Risk Officer
4 days ago
Washington, United States IFC Systems Corporation Full time**Risk Officer** **Job #**: - req27629**Organization**: - World Bank**Sector**: - Risk**Grade**: - GF**Term Duration**: - 3 years 0 months**Recruitment Type**: - International Recruitment**Location**: - Washington, DC,United States**Required Language(s)**: - English**Preferred Language(s)**: **Closing Date**: - 6/3/2024 (MM/DD/YYYY) at 11:59pm...