One Federal Solution provides senior-level cybersecurity risk management expertise supporting A&A, FISMA compliance, IC security standards, continuous monitoring, CDS, and secure cloud/hybrid environments. We apply NIST, CNSSI 1253, and RMF principles to strengthen security posture, automate compliance activities, and deliver risk-based solutions for federal mission needs.
Senior Security Risk Management SME Tasks and Duties:
- Provide senior-level security risk management subject matter expertise.
- Support Authorization and Assessment (A&A), FISMA compliance, IC cybersecurity policy and standards, continuous monitoring, CDS, and secure cloud/hybrid engineering.
- Apply emerging and evolving security risk management practices, including automation of A&A and continuous monitoring activities.
- Apply NIST 800-series and CNSSI 1253 security controls, risk management framework principles, and related guidance.
- Advise on secure cloud and hybrid engineering risk posture, compliance, and remediation approaches.
Senior Security Risk Management SME Qualifications:
- Minimum 10 years of total related experience.
- Minimum 2 years of recent experience in each of the following: A&A, FISMA compliance, IC cybersecurity policy and standards, continuous monitoring, CDS, and secure cloud/hybrid engineering.
- Experience automating A&A and continuous monitoring activities.
- Experience applying NIST 800-series and CNSSI 1253 security controls and risk management framework guidance.
- Mandatory certification in CISM, CAP, or GRC Certification in good standing at award and throughout the period of performance, or comparable demonstrable experience.
- Desired: certifications in AWS, Microsoft Azure, and Microsoft Office 365 cloud platforms.