Overview

Steampunk is searching for a Cyber Project Manager/Team Lead to support a government customer on site Washington, DC. The primary responsibilities for the position are to support all activities that ensure and enforce quality assurance of security authorization program and related activities to include: submittal of security authorization documentation to the appropriate approval authorities, review of service invoice, creation and review of support contracts and management of various cyber projects. The nature of the work requires that you bring leadership, initiative, organization, responsibility, customer service skills, and the ability to be flexible and adaptive to a fast-paced, fluid business environment. You will be expected to communicate effectively and decisively with all levels of the organization and be able to solve practical problems as well as exercise sound judgement with regards to sensitive and confidential information.

Contributions

Contributions 

• Lead and manage team of Information Security Professionals.
• Attend SDLC project meetings for assigned projects, review system business requirements against NIST and DHS security controls requirements to identify gaps and discuss solutions/mitigations, risk rate the identified gaps and raise risks to the customer.
• Provide quality assurance of all security authorization documentation and other documentation that supports the system.
• Manage DHS Performance Plan Metrics for assigned programs and systems.
• Review of security documentation such as service agreements, waivers and MOUs.
• Prepare reports on the aggregate risk for systems in supported programs.
• Provide risk determinations in support of security authorization, weakness remediation, and audit activities.
• Recommend appropriate mitigation measures, proper design trade-offs in terms of potential impacts and cost benefits.
• Monitor the gates in the System Lifecycle Management (SLM) process and prepare the customer with outstanding issues and risks identified in the process prior to concurrence on system readiness.

Qualifications

Required

• Must be U.S citizen
• Ten (10) years of relevant, demonstrable extensive experience, preferably in IA management.
• Bachelor’s Degree or equivalent may be substituted with four (4) additional years of relevant, demonstrable additional experience (preferably FISMA- related experience), for a total of 14 years’ experience.
• If you have a Master's Degree you only need four (8) years of relevant, demonstrable additional experience (preferably FISMA- related experience).
• Industry-standard security certification required, with one of the following preferred:
  • Certified Information Systems Security Professional (CISSP)
  • CompTIA Advanced Security Practitioner (CASP)
  • GIAC Security Leadership (GSLC)
  • CompTIA Advanced Security Practitioner (CASP)
  • Certified Information Security Manager (CISM)

• Project Management Professional (PMP) and Agile certifications preferred.
• Applies extensive knowledge of a variety of the IA field’s concepts, practices, and procedures to ensure the secure integration and operation of all systems
• Experience reviewing contractual documentation and service agreements a plus.
• Extensive specialized knowledge of financial audit standards, classified system IA requirements and Privacy Act requirements.
• Specialized knowledge and experience with the implementation of the NIST Special Publication (SP) 800 family of publications, particularly those associated with the Risk Management Framework.
• Specialized knowledge and experience with evaluating system, network, or infrastructure security controls against requirements such as FISMA, FIPS, and NIST guidelines.
• Knowledge and experience with the operating system and network knowledge (i.e., Local Area Networks [LAN] and Wide Area Networks [WAN]).
• Knowledge and experience creating and editing ISA, MOU and waivers.
• Knowledge and experience with application security, database security, and network security.
• Knowledge and experience with the information security and assurance principles (e.g., Defense-in-depth) and associated supporting technologies.
• Ability to assess and weigh current and evolving security threats in an operational environment.

Preferred Skills

• Experience providing security, and developemt or engineering support to Federal customers, DHS a plus.
• Experience supporting systems hosted in Cloud environments.
• Experience supporting systems in Agile and DevOps environments.

About steampunk

Steampunk is a Change Agent in the Federal contracting industry, bringing new thinking to clients in the Homeland, Federal Civilian, Health and DoD sectors. Through our Human-Centered delivery methodology, we are fundamentally changing the expectations our Federal clients have for true shared accountability in solving their toughest mission challenges. As an employee owned company, we focus on investing in our employees to enable them to do the greatest work of their careers – and rewarding them for outstanding contributions to our growth. If you want to learn more about our story, visit http://www.steampunk.com.

We are an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law. Steampunk participates in the E-Verify program.