Cyber Security Engineer/ISSO
Job Description:
Minimum Qualification:
• Demonstrated 5 years or more experience leading cybersecurity risk management programs of 5 or more IT professionals
• Subject Matter Expert (SME) with NIST SP 800-37 Risk Management Framework, 800-60, 800-53, 800-171, FIPS199, FISMA, FedRAMP, NIST SP guidance and other federal cybersecurity-related policies, directives, and mandates (e.g., related OMB)
• Demonstrated experience with system/application security, risk management, third party management and risk remediation
• Demonstrated experience performing risk management activities developing and maintaining System Security Plans (SSPs), Risk Assessment and Recommendations (RARs), Plan of Action and Milestones (POA&M), and developing Executive level briefings
Certification:
• International Information System Security Certification Consortium (ISC)2
• Certified Information Systems Security Professional (CISSP)
• ISACA's Certified Information Security Manager (CISM)
High Qualification:
• 5+ years serving in Lead role (i.e., supervisory, program manager, etc.) managing tasks, schedules, resource allocation, and communication with key stakeholders, etc. (For Lead Senior ISSO only)
• 7+ years Subject Matter Expert (SME) with NIST SP 800-37 Risk Management Framework, 800-60, 800-53, 800-171, FIPS199 (and related OMB and NIST guidance)
• 7+ years' experience with system/application security, risk management, information assurance third party management and risk remediation
• 7+ years performing risk management activities developing and maintaining System Security Plans (SSPs), Plan of Action and Milestones (POA&M), and developing Executive level briefings
• 3+ years' experience using the Cyber Security Assessment and Management (CSAM) tool
• Experience with Qmulos Q-Compliance
• 1+ years performance in the role as an ISSM
• Certification: Project Management Institute (PMI) Project Management Professional (PMP) certified