Enterprise Cybersecurity Risk Management & Compliance Lead

At The One 23 Group, our mission is to set the benchmark for excellence in government services. We empower our clients in the Department of Defense, Intelligence Community, and Federal Civilian sectors to excel with our advanced capabilities. Our dedication lies in fostering a people-first culture, underpinned by steadfast ethical principles. Embracing innovative technologies and process improvements, we are steadfast in our journey toward a future that is both bright and transformative.

Our expertise spans consulting and analytics, digital workplace solutions, and cyber compliance. With our global footprint, we place a strong emphasis on nurturing our people and culture, which forms the core of our successful strategies in leadership and financial management. We pride ourselves on our extensive experience and effective approach, ensuring that we lead with both innovation and integrity.

The One 23 Group, a Virginia-based Government Contractor, seeks a SECRET Cleared Enterprise Cybersecurity Risk Management & Compliance Lead local to Springfield, Virginia area. 

We are seeking a highly skilled and experienced Enterprise Cybersecurity Risk Management & Compliance Lead to oversee and manage a Federal client’s Cybersecurity Risk Management and Compliance program requirements to the highest standards. This role encompasses a wide range of responsibilities, including FISMA Inventory Management, oversight of the Enterprise Common Controls Program, and support for DHS Cybersecurity Governance. 

Key Responsibilities:

• FISMA Inventory Management: Manage and oversee the FISMA inventory, ensuring all assets are accurately tracked and reported in compliance with federal guidelines.
• Enterprise Common Controls Program: Lead the development and management of the Enterprise Common Controls Program, ensuring that all controls are effectively implemented and maintained.
• Cybersecurity Governance, Risk, and Compliance Support: Provide comprehensive support for the client’s cybersecurity governance, risk management, and compliance initiatives, ensuring alignment with federal standards.
• Cybersecurity Policy & Procedures: Oversee the management of cybersecurity policies, procedures, guidance, and      templates, ensuring they are up-to-date, relevant, and effectively communicated across the organization.
• Security Authorization: Direct and manage the security authorization processes, ensuring that all systems meet federal security standards before operation.
• POA&M Oversight: Provide oversight of the Enterprise Plan of Actions and Milestones (POA&Ms) program, ensuring timely and accurate tracking and resolution of cybersecurity risks.
• Artificial Intelligence/Machine Learning: Lead the integration of AI/ML technologies within the cybersecurity framework, ensuring these tools enhance risk management and compliance efforts.
• Training Program: Develop and manage a comprehensive training program for cybersecurity risk management and compliance, ensuring all relevant personnel are equipped with the necessary knowledge and skills.
• General Reporting, Planning, and Maintenance: Oversee general reporting, planning, and maintenance activities related to the Enterprise Cybersecurity Risk Management and Compliance Program, ensuring all deliverables are met on time and to the highest quality standards.

Qualifications:

• Education: Bachelor’s Degree is required.
• Experience: Minimum of 10 years of experience supporting large-scale projects in a Federal Market Space.
• Certifications: Must possess one of the following certifications:
  • Geographic Information Systems Professional (GISP)
  • Certified Information Security Manager (CISM)
  • Certified Information Systems Security Professional (CISSP)
  • Certified Governance, Risk & Compliance (CGRC)
• Leadership: Proven experience in leading and managing large teams, with a focus on delivering high-quality training services in a federal environment.

Clearance: 

• Must possess an active SECRET clearance.