POLICY AND COMPLIANCE LEAD
Apply NowCompany: NorthHill Technology
Location: Washington, DC 20011
Description:
NorthHill Technology Resources has an immediate need for a Policy and Compliance Lead to support a Federal Program in Washington, DC. This is a hybrid role, with 2 days required onsite per week. Due to the nature of the work, US Citizenship and ability to obtain Public Trust is required.
The Policy and Compliance Lead shall have the following qualifications:
Current CISSP certification. All professional certifications must include certification
number (Ex: CISSP certification number, GIAC analyst number, etc.)
At least five years of experience developing the required documents for the A&A
package (e.g., SSP, CP, and SAR), including oversight and development of POA&M's,
and performing all continuous monitoring functions with the most recent experience
occurring in the last three years.
Experience in applying risk management techniques to develop and complete risk
assessments based on NIST standards to ensure system design and implementation
sufficiently addresses or mitigates IA risk.
At least five years of experience implementing NIST 800-53A security controls for
Federal agencies.
At least one year of experience in data structures, data mining, business intelligence,
with the ability to correlate data across multiple disparate sources, linking common
data elements, and constructing informative visualizations.
The Policy and Compliance Lead shall have the following qualifications:
Current CISSP certification. All professional certifications must include certification
number (Ex: CISSP certification number, GIAC analyst number, etc.)
At least five years of experience developing the required documents for the A&A
package (e.g., SSP, CP, and SAR), including oversight and development of POA&M's,
and performing all continuous monitoring functions with the most recent experience
occurring in the last three years.
Experience in applying risk management techniques to develop and complete risk
assessments based on NIST standards to ensure system design and implementation
sufficiently addresses or mitigates IA risk.
At least five years of experience implementing NIST 800-53A security controls for
Federal agencies.
At least one year of experience in data structures, data mining, business intelligence,
with the ability to correlate data across multiple disparate sources, linking common
data elements, and constructing informative visualizations.