Cyber Security Risk Assessor - Level 3 -- WMATA-005
Posting Title: Cyber Security Risk Assessor - Level 3
Specific Position Requirements
Is this a new requirement or is there an incumbent?
- Subject Matter Expert (SME) in Risk Management Tools, Techniques and Methodologies and Frameworks.
- SME in conducting IT RISK Evaluations, Assessments, and Reporting.
- SME in Classifying and monitoring IT risks
- SME in maintaining a Risk Register and Dashboard
- Define a risk appetite for WMATA IT
- Experience with PCI compliance and responding to IT audits
SOW Labor Category/Experience Level/WBS #
126.96.36.199.3. Cyber Security Risk Assessor - Level 3
Tasks Specific to this requirement:
- Serves as a lead cyber and information security consultant to the project team by conducting security risk assessments and providing guidance on securing information systems, applications, and networks
- Provides technical guidance and expertise in the areas of secure applications development, security risk management and assessment, security policies and standards, security architectures and implementations, and effective security risk assessment practices
- Performs application and technology design reviews, security risk assessments, requirements analysis, security testing oversight, risk remediation planning, and security project management
- Develops, reviews, and implements security risk management policies, standards, and practices
- Defines security and policy compliance requirements in supporting the acquisition and deployment of security software, systems, and services
- Provides guidance on the development and integration of a security development lifecycle (SDL) to include secure development, testing, and configuration of application and web architectures
- Review and assess vendors information security solutions and deliverables, including technologies and architectures, security controls and procedures, and contract documentation
188.8.131.52. Minimum Requirements
- Experience with design and development of secure enterprise communications systems
- Experience with the analysis, systems design, implementation and testing of secure enterprise information systems
- Experience in Network engineering with emphasis' in design, implementation, operations and maintenance of a variety of Windows Services, Application and Database servers, relevant Network Security appliance and Endpoint Security products
184.108.40.206.3. Level 3: Expert level -
• Master's degree in Computer Science, Engineering or a related technical discipline, or the equivalent combination of education, technical training, or work/military experience 8+ years of related technical experience
NBS Enterprises creates competitive advantages. We isolate and overcome constraints to deliver performance value for all involved: you, your customer, and your employees. We break current market staffing trends with price-sensitive strategies solutions.
Our goal is to work in partnership with you, our client, become a trusted advisor and teammate to establish a relationship that provides you and your team with a competitive advantage at both the contract and at the task order levels. NBS' innovative 'Triangle' approach to staffing support provides you, your customer, and your future employee a risk mitigation solution that is second to none.
Mon, 10 Jul 2017 08:09:02 PDT