Project Lead

About The Position

Requirements

• CISSP certification with at least 8 years of overall experience
• At least 2 years of experience leading ISS teams
• Ability to travel up to 5–10% if needed
• Demonstrated experience in large scale stakeholder management and coordination
• Excellent oral and written communication skills
• Ability to obtain Public Trust Level-4
• Degree in Business or Science discipline (Cybersecurity is a plus)
• 8 years of project management-related experience beyond the minimum required may be substituted in lieu of a degree
• Ability to gather and analyze internal application data needs by means of interviews, workflow analyses and facilitated discussions with users
• Ability to translate data needs detailed functional and technical designs for development, testing and implementation
• Proven experience with Cyber projects

Nice To Haves

• Healthcare/Health IT background a major plus
• Strong interpersonal skills including mentoring, coaching, collaborating, and team building
• Strong knowledge and understanding of business needs with the ability to establish/maintain high level of customer trust and confidence
• Excellent decision-making ability, balancing what is right with what is realistic
• Flexibility to adjust to multiple demands, shifting priorities, ambiguity, and rapid change
• Strong analytical and good communications skills

Responsibilities

• Identify and assemble the appropriate blend of resources to meet project/program needs and requirements
• Submit deliverables and create and/or maintain Monthly Status Report (MSR), Quality Control Plan (QCP), Quality Assurance Surveillance Plan (QASP), Project Management Plan (PMP), System Security Plan (SSP), track teams training, schedule, monitor, and report on activities related to the project
• Interpret the federal agency Assessment and Authorization Process Manual (AAPM) in determining technical Information Assurance (IA) requirements and ensure proper security implementation of the Risk Management Framework (RMF)
• Ensure systems are operated, maintained, and disposed of in accordance with security policies and procedures as outlined in the security plan
• Knowledge of NIST publications and perform Risk Management Framework (RMF) processes and procedures to include package development, including POA&Ms (mitigation statements), Continuous Monitoring (ConMon) test results, Security Plans, Risk Assessments, system/site policies, architecture diagrams, and hardware/software inventories
• Attend the change control board (CCB) meetings
• Write standard operating procedures (SOP) and security in depth (SID) plans as well as security policies
• Provide cybersecurity education and training for all system users on appropriate risk mitigation strategies
• Provide recommendations on 800-53 security controls and develop System Security Plans (SSP), other RMF documents like the PIA, DR/BCP
• Track and monitor POA&Ms, track vulnerability management, provide solutions to vulnerabilities
• Ability to identify security vulnerabilities in a broad spectrum of hardware and software products and provide risk mitigation solutions
• Formally notify the ISSM of any changes to a system that could affect authorization
• Report all security-related incidents to the ISSM
• Performs other related duties as assigned.

Benefits

• Eligible full-time employees receive a comprehensive benefits package, including medical, dental, vision, life and disability coverage, retirement savings with company match, paid time off, voluntary supplemental benefits, and access to an employee assistance program.
• The package also includes educational assistance, with tuition reimbursement.