- Manage Information System Security Officers (ISSO) to support information technology (IT) security goals and objectives and reduce overall organizational risk.
- Assist in the execution and management of the House Risk Management Framework (RMF) and advises ISSOs on proper application of House cybersecurity policies and requirements.
- Assist senior management in the development and interpretation of information assurance guidelines, policies, regulations etc.
- Advise senior management (e.g., Chief Information Security Officer [CISO]) on risk levels and security posture.
- Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
- Conduct independent or coordinated studies to identify, evaluate or recommend solutions to significant systems management problems that are likely to be complex and sensitive in nature.
- Ensure that security improvement actions are evaluated, validated, and implemented as required.
- Identify alternative information security strategies to address organizational security objectives.
- Interpret patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise's cybersecurity program.
- Participate in information security risk assessments during the Security Assessment and Authorization process.
- Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
- Provide technical and procedural information system advice to risk management team.
- Perform quality reviews of security artifacts collected by ISSOs under their purview to ensure quality assessment and authorization (A&A) deliverables are provided.
- Assume ISSO responsibilities in the absence of ISSO.
- Ensure approved House procedures are followed in the implementation of security controls.
- Ensure a record is maintained of all vulnerabilities for existing authorization boundaries.
- Advise ISSOs on all matters, technical and otherwise, involving the security of assigned IT systems.
- Maintain a working knowledge of system technology, security policies, and security safeguards.
- Ensure continuous monitoring of authorization boundaries and implemented security controls is followed.
- Provide guidance to ISSOs on mitigation actions for security control deficiencies and scan vulnerabilities for assigned IT systems.
- Provide role-based training for assigned ISSOs specific to their roles and responsibilities.
- Brief senior management on the status of ISSOs and their assigned projects.
- Work with senior leadership to mature risk management processes within the House environment.
- Develop and formalize risk management training, specific to the House environment, for varied stakeholder groups.
- Conduct assigned technical reviews and risk analyses and develop cybersecurity risk mitigation recommendations and strategies based on threats.
- Research and recommend innovative, secure, and (where possible) automated solutions to improve risk management processes and activities.
- Participate in the technical security evaluation and assessment of new technologies in support of House of Representatives operations and provide supporting reviews.
- Provide audit support to cybersecurity for audit activities and recommendations.
- Perform other duties as assigned.
- Minimum of eight (8) years of demonstrated work experience in cybersecurity risk management.
- Demonstrated experience managing systems security assessments, reviewing system security documentation for successful security authorization of such systems.
- Strong knowledge and expertise with NIST publications.
- Demonstrated experience providing quality A&A deliverables.
- Proven technical acumen and understanding of common operating systems and network technologies, risk management frameworks, and common security tools and scanners.
- Demonstrated understanding of cloud service models, hybrid applications, and mobile security technologies and tools.
- Understanding of management, operational and technical cybersecurity principles.
- Experience with privacy principles and frameworks is preferred.
-
Security Manager
4 days ago
Jones Networking Washington, United StatesPosition Title: Security Manager · Department: Security · Location: Washington, DC (NW) · Industry: Law Firm · Status: Full Time, Direct Hire, 9am-5:30pm · Jones Networking is recruiting for a Security Manager to join the Washington, DC office of an international Law Firm. The Fi ...
-
Security Manager
1 day ago
Covington & Burling LLP Washington, United StatesSummary · The Security Manager is primarily responsible for the supervision of Covington & Burling LLP's security officers, and for the implementation and oversight of the emergency evacuation and first aid training program for the Washington, DC, office. · Duties & Responsibilit ...
-
Security Manager
5 days ago
Covington & Burling Washington, United StatesSummary · The Security Manager is primarily responsible for the supervision of Covington & Burling LLPs security officers, and for the implementation and oversight of the emergency evacuation and first aid training program for the Washington, DC, office. · Duties & Responsibili ...
-
Security Manager
5 days ago
The Watergate Hotel Washington, United StatesThe Hotel · Step inside a legendary revival at The Watergate Hotel, a luxurious urban resort located along the banks of the Potomac River. Here modern design blends with a storied past to redefine luxury. A place where travel and business are occasions worth celebrating, attenti ...
-
Security Manager
14 hours ago
Watermark Risk Management International, LLC Washington, United StatesCome make your mark with Watermark · FOUNDED BY USAF VETERANS in 2007, we are proud to be a Service-Disabled Veteran Owned Small Business. · SUBJECT MATTER EXPERTS specializing in security and risk management. We're intimately familiar with DOD security programs and mission req ...
-
Security Manager
1 week ago
Preeminent Protective Services, Inc Washington, United StatesWho we Are · Preeminent Protective Services Inc. (PREEMINENT) is a full-service Management company for the following industries: Security, Information Technology, and Construction Services. We are licensed, bonded, and insured in multiple states including Washington, DC, Marylan ...
-
Information Security Manager
2 days ago
Peraton Washington, United StatesResponsibilities · Provides technical and programmatic information assurance services to internal and external customers in support of network and information security systems. Designs, develops, and implements security requirements within an organization's business processes. Pr ...
-
Edgewater Federal Solutions Washington, United StatesJob DescriptionJob Description · Security Management · Specialist/Security · Risk Management · Edgewater Federal Solutions, Inc. is currently seeking a · Security Management · Specialist/Security · Risk Management · with hands-on technical skills to provide support to Edg ...
-
Security Manager, ECD
5 days ago
Enterprise Community Partners Washington, United StatesEnterprise is a national nonprofit that exists to make a good home possible for the millions of families without one. We support community development organizations on the ground, aggregate and invest capital for impact, advance housing policy at every level of government, and bu ...
-
Security Project Manager
3 days ago
Crisis24 Washington, United StatesAt Crisis24, A GardaWorld Company, we take a proactive approach to solving business challenges and our customers are at the heart of everything we do. It's the reason we love rolling up our sleeves and getting down to work – and it's why we're so successful. It takes an entire te ...
-
Security Project Manager
5 days ago
TWO95 International Washington, United StatesTitle -Security Project Manager · Position - Contract (12+ Months) · Location - Hybrid/Washington D.C · Rate - $Open(Best Possible) · Job Description: · The Project Manager is responsible for overseeing complex Corporate Security (CS) projects which include wedge barriers, c ...
-
Security Management Specialist
5 days ago
National Guard Employment Network Washington, United StatesJob Description · ATTENTION MILITARY AFFILIATED JOB SEEKERS - Our organization works with partner companies to source qualified talent for their open roles. The following position is available to Veterans, Transitioning Military, National Guard and Reserve Members, Military Spou ...
-
Information Security Manager
1 day ago
Peraton Washington, United StatesResponsibilities · Provides technical and programmatic information assurance services to internal and external customers in support of network and information security systems. Designs, develops, and implements security requirements within an organization's business processes. Pr ...
-
Security Manager, ECD
3 days ago
Enterprise Community Partners Washington, United StatesEnterprise is a national nonprofit that exists to make a good home possible for the millions of families without one. We support community development organizations on the ground, aggregate and invest capital for impact, advance housing policy at every level of government, and bu ...
-
Information Security Risk Manager
1 day ago
Hogan Lovells Washington, United StatesKeen to become part of a truly global, collaborative team of professionals? Your journey begins here. · The Information Security Risk Manager, under the direction of the Head of Global Information Risk, is tasked to protect information assets in support of Hogan Lovells business ...
-
Information Systems Security Manager
3 days ago
The Consortium Washington, United StatesDevelops and administers information security procedures for systems in support of government agencies in the performance of classified programs and projects. Performs self-inspections and ensures compliance with applicable government security policies and procedures. Investigate ...
-
OCT CONSULTING LLC Washington, United StatesOCT Consulting, LLC is an SBA-certified, 8(a) small business management and technology consulting firm that provides support to Federal Government clients. We provide consulting services in the areas of Strategy, Process Improvement, Change Management, Program and Project Managem ...
-
Information Systems Security Manager
1 day ago
National Academy of Sciences Washington, United StatesJob Description Summary: · Develops and administers information security procedures for systems in support of government agencies in the performance of classified programs and projects. Performs self-inspections and ensures compliance with applicable government security policies ...
-
Information Security Risk Manager
1 day ago
Hogan Lovells Washington, United StatesKeen to become part of a truly global, collaborative team of professionals? Your journey begins here. · The Information Security Risk Manager, under the direction of the Head of Global Information Risk, is tasked to protect information assets in support of Hogan Lovells business ...
-
Security Cooperation Program Manager
5 days ago
Recruiting Associates , Inc. Washington, United StatesRecruiting Associates ) has been retained to find a highly qualified Program Manager to lead a team supporting DOD security cooperation initiatives. Project tasks include desk and field research, data collection and visualization, analysis, strategy development, policy writing an ...
Information Systems Security Manager - Washington, United States - BTI Services
Description
Business Technology Integrators (BTI) is seeking an Information Systems Security Manager (ISSM) to lead a team in executing risk management efforts against our customer's inventory of on premise, vendor and cloud-based systems.
