The Cyber Security Risk Management Analyst is a senior advisor to the Enterprise Risk Management Lead, providing situational awareness of the organization's risk posture by effectively identifying, remediating, and monitoring privacy and security risks.
Top Secret clearance is required for this position.
Responsibilities:
• Integrate privacy and security into the organization's cybersecurity enterprise-wide risk management (ERM) framework
• Manage risks for specified programs
• Provide both strategic and tactical expertise in OMB Circular No. A-123, Management's Responsibility for Enterprise Risk Management and Internal Control
• Advise on continued integration of cybersecurity into enterprise planning, budget, and ERM, including critical infrastructure security and resiliency programs
• Review and update policies and strategic plans consistent with ERM-specific objectives
Required Qualifications:
• Bachelor's degree and 7 years of experience
• Experience establishing risk profiles and portfolios
• Experience developing, implementing, and maintaining internal controls
• A-123 Content and Version History Management expertise
• Strong working knowledge of NIST taxonomies
• NIST 800-53 Supply Chain and Services Acquisition controls expertise
• Risk reporting and analytics (RSA Archer or similar tool) expertise
• Knowledge of the Federal Managers' Financial Integrity Act (FMFIA) and the Government Performance and Results Act Modernization Act (GPRAMA)
• A-123 control-, threat-, and vulnerability-centric approaches for Supply Chain Risk Management (SCRM)
Desired Qualifications:
• Expertise in Executive Order 13800, Cybersecurity Act of 2015, FISMA, Executive Orders 13636 and 13691, PPD-21
• Ability to apply appropriate organizational risk management approaches based on the situation
• Accounting experience and knowledge of the Generally Accepted Accounting Principles (GAAP)
• Certified NIST Cybersecurity Framework Lead Implementer (NIST CSF LI)
• Cyber Security Risk Assessment & Management for the U.S. Federal Government
Required Certifications:
• Certified Authorization Professional (CAP)
• Certified Information Systems Auditor (CISA)
• CMMI Associate or CMMI-ACQ (or similar)
Compensation:
• $160,000 - $180,000 based on experience
• Medical, Dental, Vision, 401k