Koniag Data Solutions, a Koniag Government Services company, is seeking a Cyber SME III HHS GRC Risk Management Branch to support KDS and our government customer in Washington D.C. This position requires the candidate to be able to obtain a Public Trust.
We offer competitive compensation and an extraordinary benefits package including health, dental and vision insurance, 401K with company matching, flexible spending accounts, paid holidays, three weeks paid time off, and more.
The Cyber SME III HHS GRC Risk Management Branch will serve as a key resource on the contract, supporting strategic program operations and oversight functions. The ideal candidate will possess strong project management skills combined with deep cybersecurity expertise to help promote best practices, build partnerships, enhance communications, and improve oversight activities. This position plays a crucial role in maintaining the customer's risk posture by effectively identifying, assessing, remediating, and monitoring privacy and security risks while integrating cybersecurity risk management into the Department-wide enterprise risk management framework. This is a supervisory position.
Strategic Program Operations:
The Cybersecurity Risk Management Project Manager / SME will lead and manage cross-functional teams to implement and maintain comprehensive cybersecurity risk management programs across multiple focus areas including Enterprise Risk Management, FedRAMP, High Value Assets, Information Security Continuous Monitoring, and Cybersecurity Supply Chain Risk Management. Principal responsibilities include:
Direct the Program Management Office (PMO) operations for cybersecurity risk management initiatives, ensuring alignment with mission objectives, regulatory requirements, and security standards
Lead strategic planning efforts for multiple cybersecurity risk management programs, establishing roadmaps, metrics, and success criteria
Develop, implement, and maintain policies, procedures, methodologies, and frameworks for cybersecurity risk management incorporating federal laws, executive orders, OMB requirements, and NIST guidance
Oversee risk assessments, security authorizations, and continuous monitoring activities across cloud environments, high-value assets, and enterprise systems
Manage and facilitate working groups and committees, including interagency collaboration, stakeholder engagement, and knowledge sharing
Direct data collection, analysis, and reporting to provide situational awareness of the customer's risk posture to leadership and stakeholders
Supervise the development of executive-level briefings, reports, and recommendations based on risk management data
Lead supply chain risk management activities, including developing strategies for identifying and mitigating risks throughout the supply chain lifecycle
Mentor and develop team members while fostering collaboration across security domains
Serve as a technical advisor on cybersecurity risk management matters to senior leadership
Education and Experience:
Bachelor's degree in Computer Science, Information Technology, Cybersecurity, or related field
7+ years of experience in cybersecurity, with at least 5 years in project management
Experience with federal government cybersecurity frameworks, particularly NIST and FISMA
Demonstrated experience in stakeholder management at senior leadership levels
Experience in preparing and delivering executive-level briefings and reports
Knowledge of governance, risk, and compliance principles and practices in a federal environment
PMP, CISSP, CISM, or related professional certifications
Required Skills and Competencies:
Expert knowledge of cybersecurity risk management frameworks, methodologies, and best practices, including NIST CSF, NIST RMF, and ISO 27001
Demonstrated experience with Enterprise Risk Management (ERM) frameworks and integration of cybersecurity risk into organizational ERM programs
Extensive knowledge of federal cybersecurity laws, regulations, and requirements, including FISMA, FedRAMP, Executive Orders (13800, 14028), OMB A-123, and NIST Special Publications
Proven project management skills with ability to manage complex, multi-faceted programs simultaneously
Experience with cloud security concepts, FedRAMP assessment and authorization processes, and continuous monitoring requirements
Knowledge of High Value Asset (HVA) identification, protection strategies, and risk management approaches
Experience with Information Security Continuous Monitoring (ISCM) program development and implementation
Understanding of Cybersecurity Supply Chain Risk Management (C-SCRM) concepts, frameworks, and implementation approaches
Excellent written and verbal communication skills with ability to translate complex technical concepts for various audiences
Strong leadership abilities with experience managing technical teams and collaborating across organizational boundaries
Experience facilitating working groups, committees, or communities of practice focused on cybersecurity or risk management
Analytical skills for evaluating risk data, identifying trends, and developing evidence-based recommendations
Experience with risk management and governance tools such as RSA Archer or other GRC platforms
Excellent problem-solving abilities with demonstrated capacity to manage complex security challenges
Security Requirement:
Ability to obtain a Public Trust
Our Equal Employment Opportunity Policy
The company is an equal opportunity employer. The company shall not discriminate against any employee or applicant because of race, color, religion, creed, ethnicity, sex, sexual orientation, gender or gender identity (except where gender is a bona fide occupational qualification), national origin or ancestry, age, disability, citizenship, military/veteran status, marital status, genetic information or any other characteristic protected by applicable federal, state, or local law. We are committed to equal employment opportunity in all decisions related to employment, promotion, wages, benefits, and all other privileges, terms, and conditions of employment.
The company is dedicated to seeking all qualified applicants. If you require an accommodation to navigate or apply for a position on our website, please get in touch with Heaven Wood via e-mail at accommodations@koniag-gs.com or by calling 703-488-9377 to request accommodations.
Koniag Government Services (KGS) is an Alaska Native Owned corporation supporting the values and traditions of our native communities through an agile employee and corporate culture that delivers Enterprise Solutions, Professional Services and Operational Management to Federal Government Agencies. As a wholly owned subsidiary of Koniag, we apply our proven commercial solutions to a deep knowledge of Defense and Civilian missions to provide forward leaning technical, professional, and operational solutions. KGS enables successful mission outcomes for our customers through solution-oriented business partnerships and a commitment to exceptional service delivery. We ensure long-term success with a continuous improvement approach while balancing the collective interests of our customers, employees, and native communities. For more information, please visit www.koniag-gs.com.
Equal Opportunity Employer/Veterans/Disabled. Shareholder Preference in accordance with Public Law 88-352
Job Details
Job Family: IT, Cyber Security, Network Systems
Pay Type: Salary