Cyber SME III HHS GRC Risk Management Branch
Koniag Government Services (Washington, DC)
Koniag Data Solutions, a Koniag Government Services company, is seeking a Cyber SME III HHS GRC Risk Management Branch to support KDS and our government customer in Washington D.C. This position requires the candidate to be able to obtain a Public Trust.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
The Cyber SME III HHS GRC Risk Management Branch will serve as a key resource on the contract, supporting strategic program operations and oversight functions. The ideal candidate will possess strong project management skills combined with deep cybersecurity expertise to help promote best practices, build partnerships, enhance communications, and improve oversight activities. This position plays a crucial role in maintaining the customer’s risk posture by effectively identifying, assessing, remediating, and monitoring privacy and security risks while integrating cybersecurity risk management into the Department-wide enterprise risk management framework. This is a supervisory position.
Strategic Program Operations:
The Cybersecurity Risk Management Project Manager / SME will lead and manage cross-functional teams to implement and maintain comprehensive cybersecurity risk management programs across multiple focus areas including Enterprise Risk Management, FedRAMP, High Value Assets, Information Security Continuous Monitoring, and Cybersecurity Supply Chain Risk Management. Principal responsibilities include:
+ Direct the Program Management Office (PMO) operations for cybersecurity risk management initiatives, ensuring alignment with mission objectives, regulatory requirements, and security standards
+ Lead strategic planning efforts for multiple cybersecurity risk management programs, establishing roadmaps, metrics, and success criteria
+ Develop, implement, and maintain policies, procedures, methodologies, and frameworks for cybersecurity risk management incorporating federal laws, executive orders, OMB requirements, and NIST guidance
+ Oversee risk assessments, security authorizations, and continuous monitoring activities across cloud environments, high-value assets, and enterprise systems
+ Manage and facilitate working groups and committees, including interagency collaboration, stakeholder engagement, and knowledge sharing
+ Direct data collection, analysis, and reporting to provide situational awareness of the customer’s risk posture to leadership and stakeholders
+ Supervise the development of executive-level briefings, reports, and recommendations based on risk management data
+ Lead supply chain risk management activities, including developing strategies for identifying and mitigating risks throughout the supply chain lifecycle
+ Mentor and develop team members while fostering collaboration across security domains
+ Serve as a technical advisor on cybersecurity risk management matters to senior leadership
Education and Experience:
+ Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field
+ 7+ years of experience in cybersecurity, with at least 5 years in project management
+ Experience with federal government cybersecurity frameworks, particularly NIST and FISMA
+ Demonstrated experience in stakeholder management at senior leadership levels
+ Experience in preparing and delivering executive-level briefings and reports
+ Knowledge of governance, risk, and compliance principles and practices in a federal environment
+ PMP, CISSP, CISM, or related professional certifications
Required Skills and Competencies:
+ Expert knowledge of cybersecurity risk management frameworks, methodologies, and best practices, including NIST CSF, NIST RMF, and ISO 27001
+ Demonstrated experience with Enterprise Risk Management (ERM) frameworks and integration of cybersecurity risk into organizational ERM programs
+ Extensive knowledge of federal cybersecurity laws, regulations, and requirements, including FISMA, FedRAMP, Executive Orders (13800, 14028), OMB A-123, and NIST Special Publications
+ Proven project management skills with ability to manage complex, multi-faceted programs simultaneously
+ Experience with cloud security concepts, FedRAMP assessment and authorization processes, and continuous monitoring requirements
+ Knowledge of High Value Asset (HVA) identification, protection strategies, and risk management approaches
+ Experience with Information Security Continuous Monitoring (ISCM) program development and implementation
+ Understanding of Cybersecurity Supply Chain Risk Management (C-SCRM) concepts, frameworks, and implementation approaches
+ Excellent written and verbal communication skills with ability to translate complex technical concepts for various audiences
+ Strong leadership abilities with experience managing technical teams and collaborating across organizational boundaries
+ Experience facilitating working groups, committees, or communities of practice focused on cybersecurity or risk management
+ Analytical skills for evaluating risk data, identifying trends, and developing evidence-based recommendations
+ Experience with risk management and governance tools such as RSA Archer or other GRC platforms
+ Excellent problem-solving abilities with demonstrated capacity to manage complex security challenges
Security Requirement:
+ Ability to obtain a Public Trust
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at [email protected] or by calling 703-488-9377 to request accommodations.
_Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com._
_Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352_
Job Details
Job Family: IT, Cyber Security, Network Systems
Pay Type: Salary