- Perform complex reviews and analyses which include compliance assessments to identify compliance with federal requirements (e.g., EO, OMB M's, A-130, NIST SP 800-37, 800-53, FIPS 199, and FIPS-200, etc.), and security requirements based upon the analysis of people, processes, and technologies.
- Conduct compliance monitoring of assigned systems for all RMF steps.
- Conduct compliance assessments of System Owners' IT systems, based on the Zermount-approved Compliance Support Services Framework.
- Execute day-to-day FISMA compliance monitoring, ensuring that all FISMA activities, including Information Security Continuous Monitoring (ISCM), Continuous Diagnostic and Mitigation (CDM), and FISMA program activities, are prioritized correctly, completed on schedule, and in accordance with Agency and organization policies.
- Perform assessment and analysis of designs, architectures, configurations, and implementation of Cybersecurity principles and security capabilities.
- Research major obstacles related to the ever-changing DHS FISMA requirements, which customers will need to overcome on a weekly, monthly, and yearly basis.
- Track and report on whether assigned systems have mitigated their weaknesses on time using the appropriate processes, ATO expirations, Information Security Vulnerability Management (ISVM) compliance, DHS Performance Plan requirements, systems meeting Agency Scorecard requirements, audit efforts, and CDM support efforts.
- Track and report on whether mandated FISMA activities are being executed according to the Agency Information Security Performance Plan for each fiscal year.
- Provide compliance monitoring metrics and reporting to IAD leadership, System Owners and ISSOs:
- Provide input into the GRC presentations for monthly ISSO Townhall training, as required by management or the Training Team Lead.
- Provide updates and input to the GRC SharePoint sites to include document uploads, page updates, access requests, permissions, etc. on an ongoing basis.
- Create or update existing templates for memos, risk assessments, disposal packages, to standardize and simplify the process.
- Conduct compliance assessments and create ATO extension packages as required.
- Conduct POA&M management activities, to include processing, reviewing, verifying, and validating creation and closures. Report on expiring and overdue POA&Ms and ensure compliance with all DHS POA&M metrics and requirements as outlined in the policy directive and Information Security Performance Plan (ISPP).
- Review waiver packages for compliance with the Agency's Policies and Procedures.
- Provide Quality Review to ensure accuracy and compliance throughout the RMF process.
- Support systems of responsibility to ensure all Ongoing Authorization (OA), ISCM, and CDM requirements are verified and validated, with the goal of meeting all requirements defined by the Agency. Provide reports and action items for stakeholders and leadership.
- Assist with conducting review and analysis of Requests for Change (RFC) and providing recommendations based on the change and Security Impact Assessment (SIA).
- Support Security Control Assessments (SCAs) as required.
- Provide input and assist with all audits, data calls, and queries.
- Stay current with the latest developments in cybersecurity, information assurance, GRC, and related cybersecurity trends.
- Ensure security controls that can be inherited by other systems are set up for inheritance in the department's Governance Risk Compliance (GRC) tool and draft the control inheritance statements that can be used by other systems.
- Assist and support other team members as required by the Program Manager.
- Assist in completing Customer's Management Control Objectives Program (MCOP) reporting requirements.
- Experience with and expert knowledge of NIST guidelines, FISMA, Cybersecurity principles and methodologies, Executive Orders (EOs), Office of Management and Budget (OMB) Memorandums, Federal, DoD and CISA Technical Reference Architectures, Maturity Models, Risk Management Framework (RMF), Cybersecurity Framework (CSF), and technical knowledge of IT systems; cloud security knowledge is preferred.
- Knowledge of and experience using relevant cybersecurity and analysis tools such as Archer, Nessus Security Center, Splunk, etc.
- Experience with cloud-based environments and technologies is preferred.
- Knowledge of cybersecurity threats, risks, and vulnerabilities and how to mitigate them.
- Excellent communication skills (written and verbal), with the ability to explain complex concepts in a clear, concise manner.
- Strong problem-solving and decision-making skills, a proactive approach, the ability to adapt to changes in priorities, attention to detail, and organization skills.
- Must be able to conduct system analysis and quality reviews to detect performance issues.
- Well versed in developing compliance solutions to resolve weaknesses or challenges.
- Ability to work independently and as part of a team.
- An analytical mind with excellent problem-solving ability is required.
- Bachelor of Science (B.S.) in Engineering, Computer Science, IT, Cybersecurity, or a related field.
- With a B.S. in a relevant field - A minimum of 5 years of IT cybersecurity experience including direct support for the US Government and 4 years acting as an ISSO, Assessor, or Compliance Analyst; or
- Without a B.S. in a relevant field - A minimum of 7 years of IT Cybersecurity experience including direct support of the US Government and 4 years acting as an ISSO, Assessor, or Compliance Analyst.
- Certified Authorization Professional (CAP)
- Certified Information Security Manager (CISM)
- Certified Information Systems Security Professional (CISSP), or
- Certified Chief Information Security Officer (CCISO)
- Minimum of active Secret Clearance and ability to obtain and maintain DHS suitability.
- 8:00 am EST - 4:30 pm EST.
Compliance Officer - Arlington, United States - Zermount, Inc.
Description
COMPLIANCE OFFICER
Zermount Inc. is seeking a Compliance Officer who will perform complex risk analyses and ensure systems and technologies satisfy Information Assurance (IA) and Cybersecurity requirements, based on federal requirements, laws, mandates, policies, procedures, standards, and guidelines (e.g., Executive Orders [EOs], OMB M, BODs, EODs, NIST, and agency specific requirements).
The Compliance Officer will provide Plan of Actions and Milestones (POA&M) management, conduct FISMA compliance and Get-to-Green meetings, and work with Information Systems Security Officers (ISSO), System Owners, stakeholders, and leadership to meet Performance and Scorecard metrics.
The Compliance Officer will conduct regular (e.g., daily, weekly, monthly) system security compliance meetings for assigned systems of responsibility and provide feedback, recommendations, and mitigations to ensure systems meet the minimum requirements and security posture.
The Compliance Officer will perform analysis, design, and development of security features for system architectures. Support customers at the highest levels in the development and implementation of doctrine and policies.
DUTIES & RESPONSIBILITIES
The Compliance Officer will provide the following support and services:
Conduct Get-to-Green meetings with system owners and ISSOs, provide status, deficiencies, recommendations, and document action items with estimated completion dates (ECDs) with the goal of improving system scores within the DHS Scorecard.
o Manage ISVM alerts and bulletins for TSA to include tracking, distributing, and providing reports.
o Create briefings and reports, as required, for, but not limited to, the following items: high valued assets, ISVMs, POA&Ms, system scores (FISMA & ISCM).
QUALIFICATIONS
EDUCATION AND EXPERIENCE
Education:
o Relevant years of experience may be used in substitution for situations where the candidate does not have a B.S.
Experience:
CERTIFICATIONS
At least one of the following security certifications is required:
CLEARANCE LEVEL
WORK LOCATION
Primary location:
Washington, DC
Hours of Operation: