cFocus Software Incorporated
Cybersecurity Governance Lead - FCC
cFocus Software Incorporated, Washington, District of Columbia, us, 20022
Join to apply for the
Cybersecurity Governance Lead - FCC
role at
cFocus Software Incorporated 2 days ago Be among the first 25 applicants Join to apply for the
Cybersecurity Governance Lead - FCC
role at
cFocus Software Incorporated Get AI-powered advice on this job and more exclusive features. cFocus Software seeks a Cybersecurity Governance Lead to join our program supporting the Federal Communications Commission (FCC). This position is on-site in Washington, DC.
Qualifications:
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Technologies, or other related fields Certified Information Systems Security Professional (CISSP) 5+ years of federal security audit related experience Working knowledge of the RMF, Audit support, Information Assurance, Cloud deployments, and Risk Management tools Possess the knowledge, skills, tasks, and capabilities described in the work role Technology Program Auditing (OG_WRL-106) as outlined in the NICE Work Role Framework
Duties:
Assist with cybersecurity and privacy tasks incorporating the Risk Management Framework (RMF) for the authorization and accreditation of federal systems. Support reporting, data calls, and deliverables under the Federal Information Security Modernization Act (FISMA), ensuring compliance with all requirements and relevant laws. Design and implement risk management policies and procedures based on guidance from FISMA, OMB Circular A-130, and current versions of NIST Special Publications Conduct Privacy Control Assessments in collaboration with security control assessments, focusing on privacy controls per NIST SP 800-53, SP 800-37, OMB A-130, and federal requirements. Develop and implement automated Privacy Control Assessments to achieve continuous monitoring and minimize manual assessments. Provide customers with guidance on privacy requirements, controls, responsibilities, and implementation methods. Analyze findings from privacy security control assessments (PSCA) and quantify the associated risk. Conduct Privacy Assessments, provide input into System Security Plans (SSPs), Privacy Impact Assessments (PIAs), and Initial Privacy Assessments (IPA), and offer recommendations based on evaluations. Assist the Information System Security Officer (ISSO) with privacy-related duties, including Systems of Records Notices (SORNs), Computer Matching Agreements (CMAs), and Third-Party Web Application PIAs (TPWA PIAs). Support the Cybersecurity Group with IT Security Awareness, Training, and Education of FCC personnel, contractors, and partners. Develop and communicate cybersecurity awareness messaging based on current and evolving cyber threats. Develop, administer, and conduct monthly phishing exercises. As requested, facilitate and deliver New Employee cybersecurity and privacy training and other IT Security Training classes. Collaborate with the Cyber Threat Intelligence Team to deliver cyber threat briefings to key stakeholders. Create, review, and update training material and presentations to stay relevant to federal requirements and best practices Review, update, and analyze OCIO, cybersecurity, and privacy policies in line with federal laws, regulations, and standards, considering unique business objectives. Guide policy development, review, and preparation of final reports. Collaborate with stakeholders, system owners, and FCC leadership to implement practical policies and procedures. Document recommendations for improving legal and regulatory compliance. Deliver executive briefs to FCC leadership and stakeholders. Use the FCC-accredited Enterprise Governance, Risk, and Compliance (eGRC) tool for effective risk management. Maintain regular communication with stakeholders to meet federal reporting requirements. Design, analyze, and implement the FCC Cybersecurity and Privacy Policy. Prepare policy reports outlining recommendations and directives from the CIO and CISO. Manage and update the Cybersecurity Group’s internal policy SharePoint site or relevant document management system Assist in analyzing audit reports, preparing responses, and developing remediation plans. Plan and attend external auditor meetings. Collect, evaluate, and submit artifacts by due dates. Maintain an Audit Tracker Report to monitor audit status. Use the eGRC tool to manage audit data and respond to auditor requests. Prepare comprehensive responses and maintain communication with stakeholders
Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Sales, General Business, and Education Industries Wireless Services, Telecommunications, and Communications Equipment Manufacturing Referrals increase your chances of interviewing at cFocus Software Incorporated by 2x Get notified about new Cyber Security Specialist jobs in
Washington, DC . FBI Special Agent: Cybersecurity/IT Expertise
Arlington, VA $99,461.00-$128,329.00 1 week ago Washington, DC $110,000.00-$125,000.00 2 weeks ago Cybersecurity Engineer/Analyst (Junior Level | 1-2 years exp.)- Fairfax County
Information Assurance/ Security Specialist
Information Security Analyst (SOC 2 Compliance)
Fairfax, VA $92,400.00-$115,000.00 1 month ago District of Columbia, United States 5 days ago Washington, DC $120.00-$125.00 1 month ago Cybersecurity SME Level 1,2,3 in Greater DC Metro Area
Washington, DC $103,000.00-$154,000.00 1 week ago Security Operations Center (SoC) Analyst
Sterling, VA $70,000.00-$85,000.00 3 weeks ago Security Operations Center (SOC) Chief (15.02)
Washington, DC $130,000.00-$170,000.00 1 day ago District of Columbia, United States 1 month ago IT Cybersecurity Specialist (Policy and Planning/Information Security)
Washington DC-Baltimore Area $99,461.00-$128,329.00 1 week ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr
Cybersecurity Governance Lead - FCC
role at
cFocus Software Incorporated 2 days ago Be among the first 25 applicants Join to apply for the
Cybersecurity Governance Lead - FCC
role at
cFocus Software Incorporated Get AI-powered advice on this job and more exclusive features. cFocus Software seeks a Cybersecurity Governance Lead to join our program supporting the Federal Communications Commission (FCC). This position is on-site in Washington, DC.
Qualifications:
Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Technologies, or other related fields Certified Information Systems Security Professional (CISSP) 5+ years of federal security audit related experience Working knowledge of the RMF, Audit support, Information Assurance, Cloud deployments, and Risk Management tools Possess the knowledge, skills, tasks, and capabilities described in the work role Technology Program Auditing (OG_WRL-106) as outlined in the NICE Work Role Framework
Duties:
Assist with cybersecurity and privacy tasks incorporating the Risk Management Framework (RMF) for the authorization and accreditation of federal systems. Support reporting, data calls, and deliverables under the Federal Information Security Modernization Act (FISMA), ensuring compliance with all requirements and relevant laws. Design and implement risk management policies and procedures based on guidance from FISMA, OMB Circular A-130, and current versions of NIST Special Publications Conduct Privacy Control Assessments in collaboration with security control assessments, focusing on privacy controls per NIST SP 800-53, SP 800-37, OMB A-130, and federal requirements. Develop and implement automated Privacy Control Assessments to achieve continuous monitoring and minimize manual assessments. Provide customers with guidance on privacy requirements, controls, responsibilities, and implementation methods. Analyze findings from privacy security control assessments (PSCA) and quantify the associated risk. Conduct Privacy Assessments, provide input into System Security Plans (SSPs), Privacy Impact Assessments (PIAs), and Initial Privacy Assessments (IPA), and offer recommendations based on evaluations. Assist the Information System Security Officer (ISSO) with privacy-related duties, including Systems of Records Notices (SORNs), Computer Matching Agreements (CMAs), and Third-Party Web Application PIAs (TPWA PIAs). Support the Cybersecurity Group with IT Security Awareness, Training, and Education of FCC personnel, contractors, and partners. Develop and communicate cybersecurity awareness messaging based on current and evolving cyber threats. Develop, administer, and conduct monthly phishing exercises. As requested, facilitate and deliver New Employee cybersecurity and privacy training and other IT Security Training classes. Collaborate with the Cyber Threat Intelligence Team to deliver cyber threat briefings to key stakeholders. Create, review, and update training material and presentations to stay relevant to federal requirements and best practices Review, update, and analyze OCIO, cybersecurity, and privacy policies in line with federal laws, regulations, and standards, considering unique business objectives. Guide policy development, review, and preparation of final reports. Collaborate with stakeholders, system owners, and FCC leadership to implement practical policies and procedures. Document recommendations for improving legal and regulatory compliance. Deliver executive briefs to FCC leadership and stakeholders. Use the FCC-accredited Enterprise Governance, Risk, and Compliance (eGRC) tool for effective risk management. Maintain regular communication with stakeholders to meet federal reporting requirements. Design, analyze, and implement the FCC Cybersecurity and Privacy Policy. Prepare policy reports outlining recommendations and directives from the CIO and CISO. Manage and update the Cybersecurity Group’s internal policy SharePoint site or relevant document management system Assist in analyzing audit reports, preparing responses, and developing remediation plans. Plan and attend external auditor meetings. Collect, evaluate, and submit artifacts by due dates. Maintain an Audit Tracker Report to monitor audit status. Use the eGRC tool to manage audit data and respond to auditor requests. Prepare comprehensive responses and maintain communication with stakeholders
Seniority level
Seniority level Mid-Senior level Employment type
Employment type Full-time Job function
Job function Sales, General Business, and Education Industries Wireless Services, Telecommunications, and Communications Equipment Manufacturing Referrals increase your chances of interviewing at cFocus Software Incorporated by 2x Get notified about new Cyber Security Specialist jobs in
Washington, DC . FBI Special Agent: Cybersecurity/IT Expertise
Arlington, VA $99,461.00-$128,329.00 1 week ago Washington, DC $110,000.00-$125,000.00 2 weeks ago Cybersecurity Engineer/Analyst (Junior Level | 1-2 years exp.)- Fairfax County
Information Assurance/ Security Specialist
Information Security Analyst (SOC 2 Compliance)
Fairfax, VA $92,400.00-$115,000.00 1 month ago District of Columbia, United States 5 days ago Washington, DC $120.00-$125.00 1 month ago Cybersecurity SME Level 1,2,3 in Greater DC Metro Area
Washington, DC $103,000.00-$154,000.00 1 week ago Security Operations Center (SoC) Analyst
Sterling, VA $70,000.00-$85,000.00 3 weeks ago Security Operations Center (SOC) Chief (15.02)
Washington, DC $130,000.00-$170,000.00 1 day ago District of Columbia, United States 1 month ago IT Cybersecurity Specialist (Policy and Planning/Information Security)
Washington DC-Baltimore Area $99,461.00-$128,329.00 1 week ago We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
#J-18808-Ljbffr