Cyber Risk Management Project Manager



Washington, United States Gunnison Consulting Group Inc Full time

Gunnison Consulting is seeking a Cybersecurity Risk Assessment Lead to work in the Washington, DC area to support the Department of Health and Human Services' (HHS) cybersecurity mission of ensuring HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance the program to ensure HHS has the capability and capacity to respond to new and emerging requirements, technologies and threats.

The Cybersecurity Risk Assessment Lead will work with the HHS Office of Information Services (OIS) Cybersecurity Risk Management Branch federal client and the Cybersecurity Risk Management Project Manager in the development, coordination, and execution of Risk Assessments through HHS OpDivs/StaffDivs. The candidate must be able to lead a small team in support of a fast-paced and dynamic customer environment with broad impact to the customer's mission. The role requires a competent leader, self-starter, and strong problem solver who can identify/anticipate requirements and provide creative solutions to the team.

Location: Remote

Duties and responsibilities include:

  • Lead risk assessments, develop strategies to mitigate risks, identify potential vulnerabilities to the organization's IT infrastructure, and ensure compliance with industry regulations.
  • Create and utilize a Cyber Risk Register to aggregate and normalize the risks documented at the Department level.
  • Monitor and analyze emerging cyber threats and provide proactive solutions to mitigate risks.
  • Collaborate with cross-functional teams to implement and execute enterprise risk assessments.
  • Develop and maintain GRC risk assessment procedures.
  • Stay updated on the latest industry trends and technologies related to cyber risk management.
  • Communicate risk assessment findings and recommendations to senior management and stakeholders.
  • Maintain documentation of all risk management processes, procedures, and findings.
  • Monitor, track, and report assessment results for risk owners, and escalate risks to Senior Leadership.
  • Develop mitigation and corrective action plans with application/system owners.
  • Define expectations for assessments/re-assessments.
  • Communicate and collaborate with internal teams, stakeholders, and leadership.
  • Assist with tracking and remediation of vulnerabilities.
  • Recommend appropriate policy, standards, process, and procedural updates as part of comprehensive remediation solutions.
  • Develop and provide key risk metrics for the cybersecurity risk management program.
  • Develop and maintain documentation in support of audit reviews.

Required Qualifications:

  • Bachelor's degree and seven (7) or more years of related professional experience; Master's degree and three (3) or more years of related professional experience
  • 7+ years of project management experience as a government contractor
  • Proficient with Microsoft Products (Excel, Word, Project)
  • Strong presentation skills and ability to adapt to various customers, to include government and/or contractors
  • Possess an inclination for critical thinking and analytical approaches to solving problems involving issues that are not readily defined and/or conflict with available information, with the ability to reach sound decisions quickly by employing systematic, multi-step approaches
  • Ability to resolve complex issues
  • Ability to work independently
  • Demonstrated knowledge of cybersecurity concepts and principles
  • Superior writing and communication skills
  • Industry-standard cybersecurity certification required (e.g. Security+, CISM)
  • CRISC certified or in-progress

Desired Qualifications:

  • Performing enterprise risk assessments.
  • Performing enterprise risk analyses (qualitative, quantitative, and semi-quantitative).
  • Performing issue and opportunity impact assessments and analyses.
  • Performing privacy threshold assessments (PTAs) and privacy impact analyses (PIAs).
  • Evaluating and comparing mitigations (including cost/benefit and time/resource evaluations).
  • Performing analyses of alternatives (AoAs).
  • Familiarity (experience preferred) with multi-layer and multi-dimensional relationships between specific and enterprise risks, issues, and opportunities, as described in ISO 31000, the 7 imperatives of Continuous Adaptive Risk and Trust Assessment (CARTA), the COSO Cube®, and (ISC)².
  • Working familiarity with U.S. Government approved mitigation approaches.
  • Experience as an Information System Security Officer (ISSO) and/or a Security Control Assessor (SCA).
  • Performing physical facility risk, issue, and opportunity (RIO) walkthrough inspections.
  • Developing taxonomies to clarify the policy-level relationship between traditional GRC and privacy.
  • Procedure development and process improvement, such as ITIL, Lean, Six Sigma, and CMMI.
  • The following certifications and training are preferred:
    • Project Management Professional (PMP)
    • Certified Risk Manager (CRM) or Certified Risk Management Professional (CRMP)
    • Completion of U.S. Government authorized RMF training, either:
      • Introduction to the RMF, from the Center for Development of Security Excellence (CDSE), Defense Counterintelligence and Security Agency; or
      • RMF for Systems and Organizations Introductory Course - Version 2, from NIST.
    • Certified Authorization Professional (CAP), Certified Information Systems Security Professional (CISSP), and/or Certified Cloud Security Professional (CCSP)

Education Requirement: Bachelor's degree in Computer Science, Information Systems, Engineering or related field (or equivalent experience +5 years of experience)

Clearance Requirement: Ability to obtain and maintain a Public Trust.


Why Join Gunnison?

  • Gunnison takes on ambitious projects. We target fun, challenging work that requires creative thinking and innovation.
  • Quality is our top priority.
  • Gunnison employee benefits meet or exceed what other companies in the Washington, D.C. metropolitan area offer.
  • There is a great sense of camaraderie at Gunnison. This is an atmosphere we will maintain as we continue to grow.
  • We are growing rapidly and the opportunity for individual professional growth with Gunnison is outstanding.
  • We hire for careers at Gunnison, not to fill a position.

Employee Benefits

Gunnison employee benefits meet or beat other companies in the Washington, D.C. metropolitan area, including:

  • Bonuses AND profit-sharing
  • 401k Matching
  • Certifications and training allowance $2,500/year
  • 3 weeks of personal leave your first year (160 hours can roll over every year)
  • 5 days of Flex-Time-Off per year

Equal Opportunity/Affirmative Action Employer. Must be eligible for employment in the United States. We are unable to sponsor candidates at this time.

In 1994 Gunnison Consulting Group began serving the greater Washington, D.C. metro area, focused on tackling our customers' most ambitious technology projects. By creating a culture dedicated to enabling our customers and employees to achieve more than they ever thought they could, the company has thrived for over 25 years.




