Responsibilities include but are not limited to:
- Plan and deliver a business process assessment regarding Information Security governance of hardware, software, configuration standards, and vulnerability inventories and remediation.
- ·Within the constraints of the customer organization, identify Information Security governance best practices to be achieved, support the necessary process and training activities to implement those practices.
- Facilitate customer Information Security governance activities and make recommendations aligned with assessment and customer organization objectives.
- Lead the collection of process information, lessons learned, best practices from customer SMEs via formal workshops and web based conferencing.
Required Qualifications and Education/Certification Requirements:
- Minimum 5 years of business process reengineering experience, majority including information or technology security
· Strong understanding of industry best practices related to governance, change management and/or IT security, with the ability to review and compare an agency's current policies and procedures to industrial standards and make recommendations.
- Strong communication and presentation skills, ability to interface and guide business users and technical staff at various levels.
- Knowledge of federal Information Security frameworks, includingFISMA and NIST Risk Management Framework
- Prefer CompTIA ITIL Fundamentals, or equivalent
· Experience working on an enterprise information technology or security program, particularly in a governance or process engineering capacity
· Ability to prepare business process assessment materials - including outline, background material and process aids.
· Experience creating and delivering presentations for customers
· Experience performing gaps assessments and developing business process documentation
Certifications: Any one of CompTIA Server+, CompTIA Network+, CompTIA Security+, Microsoft Technology Associate (MTA) IT Infrastructure Track, or equivalent.