• Ensure client security policies and standards are enforced to support assessment, authorization and continued operation of information systems and lead a five-person Information Systems Security Officer (ISSO) team.
• Support the client Information Assurance (IA) leadership in maturing risk management processes tailored for their environment and security control requirements.
• Research and recommend innovative, secure, and automated solutions to improve the risk management processes.
• Participate in the technical security risk evaluation and assessment of new technologies and support security policy reviews.
• Provide guidance to ISSO's on conducting technical reviews, risk analyses, mitigation and strategies to address assessment and vulnerability findings.
• Manage the overall process for Plan of Action and Milestones (POA&M) and IT Risk Acceptance (ITRA) to ensure the required risk posture is maintained.
• Provide quality assurance reviews of Assessment and Authorization (A&A) deliverables to ensure consistency and clarity for internal and external stakeholders.
• Provide technical briefings to senior leadership as requested.

• Bachelor’s Degree with a concentration/coursework in a related field with 7-10 years of demonstrated work experience in the cybersecurity risk management field.
• Demonstrated experience (5 years) leading efforts for systems security assessments, preparing system security documentation, and/or performing security upgrades for live networks, desktop systems, servers, and enterprise databases leading to successful certification and accreditation or security authorization of such systems.
• Strong working knowledge and familiarity with NIST publications.
• Demonstrated experience using a GRC tool executing A&A activities.
• Current and maintained certification in one or more of the following IT Security disciplines: Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP).
• Demonstrated understanding of cloud service model tools is preferred.

TDI does business with the federal government, which restricts employment to individuals who are either US citizens or lawful permanent residents of the United States.

"TDI is an equal opportunity employer, and all qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, sexual orientation, genetics, gender identity or expression, national origin, protected veteran status or disability status, or any other characteristic protected by federal, state or local laws."