Typical Day: Lead and oversee the implementation of the Security Assessment and Authorization Program.
Tasks:
- Lead, mentor, and supervise a team of security professionals responsible for the end-to-end implementation of the RMF lifecycle for FBI IT systems.
- Oversee and coordinate activities within the Prepare step, ensuring roles, responsibilities, and risk management strategies are clearly defined and maintained.
- Guide system categorization efforts to ensure all information systems are appropriately classified based on mission/business impact and regulatory requirements.
- Direct the selection, tailoring, and documentation of security controls aligned with system categorizations, Bureau risk appetite, and compliance requirements.
- Oversee the implementation of technical, operational, and management controls throughout system and application lifecycles, with a particular focus on quality and completeness of all deliverables.
- Ensure comprehensive security control assessments are planned, executed, and documented to validate the effectiveness of implemented safeguards.
- Prepare risk management documentation for system authorization and executive decision-making.
- Direct ongoing monitoring and continuous assessment activities, collecting metrics to adjust security strategies and ensure sustained compliance.
- Serve as a principal technical advisor on cybersecurity, bringing subject-matter expertise to risk analysis, incident response, system remediation, and audit support efforts.
- Foster a culture of security awareness, providing technical guidance and training to both team members and stakeholders.
- Track, report, and communicate status, risks, and improvement opportunities related to security engineering activities to leadership and stakeholders.
- Maintain up-to-date knowledge of RMF, NIST guidance, and industry best practices in support of continuous process improvement.
Required Qualifications:
- Bachelor's degree, or comparable working experience
- 5 years of experience in Information Technology, preferably in Information Security
Desired Qualifications:
- CISSP (Certified Information Systems Security Professional); or
- CAP (Certified Authorization Professional); or
- CISM (Certified Information Security Manager)
- Experience as an ISSO or ISSE with Federal government defense or law enforcement agencies
- Experience leading and managing teams in multiple geographic locations
- Experience leading and managing teams in remote roles
Position Type Shift Information:
- Mon-Fri (8:00am-4:00pm, 8:30am-4:30pm, or 9:00am-5:00pm)
US Citizenship: US citizenship required
Clearance: Current Top Secret with SCI Eligibility
Location: