About the Opportunity
Digital Management, Inc. (DMI) is seeking a full-time Continuous Monitoring Program Lead to help support a government customer on a cybersecurity program.
Duties and Responsibilities:
- Support the Continuous Monitoring program, including but not limited to assisting the government in designing, developing, maintaining, executing and improving a comprehensive Continuous Monitoring (ConMon) program.
- Comply with appropriate government standards, policy, and regulations, including but not limited to DoD Risk Management Framework (RMF), NIST 800-137, NIST 800-53, 800-37 and 800-39.
- Ensure completion of appropriate actions and activities, and preparation of required artifacts to ensure full compliance with Computer Network Defense Service Provider (CNDSP) evaluation criteria and similar audits/inspections of the cybersecurity services.
- Develop new standard operating procedures (SOP) as needed, and review/update/improve existing SOP.
- Required SOP activities and artifacts include, but are not limited to: recommending and implementing changes to vulnerability management processes and procedures to maintain compliance, including transitioning from periodic vulnerability scanning to continuous monitoring of assets and security controls; evaluating the technology, processes, procedures, operating environment, and people to provide ongoing awareness of information security, vulnerabilities, and threats; reviewing, validating, and revising existing ConMon program documentation; and preparing POA&Ms and program performance metrics.
Education and Years of Experience:
- MBA or above with a Business IT focus, or equivalent combination of education and experience
- 10 or more years IT program/project management experience
- 5 or more years IT program management experience in Army, DOD, or IC
- Demonstrated successful track record for delivering large/complex projects on time and within budget within DOD
- Demonstrated expert-level knowledge in the planning, development, coordination, implementation and execution of a continuous monitoring program within an organization of similar size, scope and complexity.
- Demonstrated experience with the planning, development, coordination, execution and improvement of compliance-related processes. This includes in-depth knowledge of DOD 8500 series, NIST SP 800 series, DOD regulations and instructions to include: 8570-01, DODI 8530.01, CJCSI 6510.01, and Risk Management Framework (RMF). In-depth knowledge and experience of industry and DOD auditing best practices.
- Demonstrated experience with performing continuous assessments of all security controls for all info systems under the purview of the organization
- Demonstrated experience with communicating and coordinating at a functional and senior level.
- Demonstrated experience with the development of reports and products that support an organization's ability to maintain near-real-time awareness of info security, vulnerabilities, and threats.
- Shall possess at time of award, and retain, equivalent level IAT III certification
Clearance Requirement: TS/SCI
Physical Requirement(s): N/A
Location: 40400 Pentagon Way
Job ID 2016-10369