Triumph Enterprises--Corporate Headquarters

Returning Candidate?

Cybersecurity Framework Subject Matter Expert

Cybersecurity Framework Subject Matter Expert

Job ID 
2017-2028
Location 
US-MD-Bethesda
Posted Date 
8/11/2017
Category 
Government/Defense

More information about this job

Job Description

Triumph Enterprises is looking for a Cybersecurity Framework Subject Matter Expert to support a federal government client under an exciting and cutting-edge national research program.

 

As a Cybersecurity Framework Subject Matter Expert, you will be responsible for supporting the implementation of the Framework across the various program components.  This will include defining the target framework tiers and profiles of the program based on risk tolerance.  The ideal candidate for this position is a security professional familiar with the NIST Cybersecurity Framework (CSF), experience in implementing and communicating Federal Information Security Modernization Act (FISMA) compliance for the Federal government, and a thorough understanding of cloud computing and cloud security principles. 

Responsibilities

  • Engage with the program office to define the target tiers for security framework categories and continuously mature the program’s framework documentation
  • Advocate security framework principles and the benefits for managing risk across components
  • Support the development and revision of component information systems security documentation templates (e.g. System Boundary development, System Security Plan (SSP), Contingency Plan, Contingency Plan Test, Business Impact Analysis, FIPS-199, eAuthentication, Privacy Threshold Analysis, etc.) based on changing NIST and federal guidance
  • Actively participate in stakeholder meetings and help shape security practices based on the framework
  • Assist component system owners, security personnel, and stakeholders in understanding assessment and authorization (A&A) documentation requirements. Review completed templates to ensure completeness and accuracy
  • Engage and collaborate with initiative stakeholders to support their solution design, implementation, and inter-connectivity requirements
  • Support the development of artifacts, such as project summaries, position statements, recommendations and point papers, for status reporting, executive communications, and stakeholder awareness
  • Coordinate with NIH Information Security Program resources and services to ensure timely completion of project activities, including identification of scope changes, critical path items, and dependencies

Qualifications / Requirements

 

  • Bachelor’s degree with 12 years of A&A, cybersecurity, risk management, and/or cloud security experience
  • Experience with the NIST CSF, NIST SP 800-171 and scientific data sharing policies
  • Working knowledge of FISMA, FedRAMP, and HIPAA Security and Privacy Rules
  • Extensive federal healthcare experience
  • Knowledge of application and implementation of FedRAMP security control requirements
  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Privacy Professional (CIPP)
  • Experience with highly visible federal government initiatives
  • Strong customer-service attitude, ability to multi-task and work independently
  • Strong in-person, written and verbal communication skills
  • High aptitude for learning and flexibility

 

Preferred:

 

  • Master’s degree
  • Additional cybersecurity and privacy certifications, such as CISA and CRISC
  • Direct support of public sector agency Information Security Programs
  • Able to obtain a Top Secret clearance

Company Overview

Founded in 2005, Triumph Enterprises, Inc. (Triumph) is a Service-Disabled Veteran-Owned Business. We are headquartered in McLean, Virginia. Triumph offers the federal Civilian and Defense markets personalized knowledge-based professional services.  Our company provides world-class solutions leveraging the following core disciplines:

  • Program Management Support
  • Engineering Support Services
  • Training and Exercise Support Services
  • IT Security (Cyber Operations and Risk Management Services)
  • Sustainment and Life Cycle Logistics Services
  • Data Management and Analytical Services

Our pursuit of excellence is driven by an emphasis on Client Focus, Integrity, Imagination, and Employee Engagement – the Core Values that motivate and inspire our leadership, business practices, and company culture.

 

Triumph participates in e-Verify. We provide the Social Security Administration (SSA) and, if necessary, the Department of Homeland Security (DHS) with information from each new employee’s I-9 Form to confirm work authorization. Triumph is an equal opportunity employer and gives consideration for employment to qualified applicants without regard to race, color, religion, sex, national origin, disability, protected veteran status or any other status defined by law. Go to www.triumph-enterprises.com to learn more about Triumph.