Lead FISMA Program Support SME
Lead FISMA Program Support SME
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
USD 150000 - 190000
1 Vacancy
Job Description
Gen3 Technology Consulting isan SBA-certified Woman-Owned Small Business (WOSB) providinga diverse set of technology services and solutions to federal state and commercial clients. Founded in 2017 Gen3 leverages over 25 years of information technology management and leadership experience to help our clients define plan manage and achieve their strategic vision while protecting their critical IT attract and retain the highest caliber of talent by supporting an inclusive work environment cultivating growth and leadership both professionally and personally and encouraging work-life balance. We strive to make it our priority to be compassionate family-friendly respectful and flexible.
About the role: We are seeking a Lead FISMA Program Support Subject Matter Expert (SME) to support the U.S. Department of Transportation (DOT) in advancing its cybersecurity maturity and alignment with federal requirements. This role involves collaborating closely with DOTs Director of FISMA and Compliance leading enterprise-level assessments defining strategic cybersecurity outcomes and driving the execution of corrective action plans across the department and its Operating Administrations (OAs).
Location: Washington DC
Certifications Required: Security (or equivalent)
Key Responsibilities:
- Work with DOTs Director of FISMA and key stakeholders to assess the agencys security posture and develop as-is and target cybersecurity profiles.
- Comprehensively assess DOTs current cybersecurity practices systems and controls.
- Collaborate with key stakeholders to identify strengths weaknesses and areas for improvement.
- Gather data and metrics to evaluate the effectiveness of existing security measures.
- Develop a current cybersecurity profile representing DOTs existing cybersecurity posture.
- Create a target profile and measures of performance aligned with NIST CSF and federal/agency-level initiatives.
- Analyze gaps between current and target profiles; prioritize gaps based on risk and impact.
- Develop and execute a detailed corrective action plan (CAP) to strengthen security posture.
- Facilitate annual reviews with system stakeholders to assess system portfolios and vulnerability remediation progress.
- Implement and track actions outlined in the CAP including allocation of resources and process enhancements.
- Create documentation capturing the outcomes of gap analysis and implementation activities.
- Monitor ongoing progress and ensure alignment with cybersecurity objectives.
- Conduct monthly performance reviews across all Operating Administrations (OAs) to validate FISMA effectiveness.
- Evaluate improvement levels by comparing updated system profiles to the target state.
- Establish a robust monitoring and measurement framework to continuously evaluate DOTs cybersecurity posture.
- Regularly review and update action plans profiles and security controls based on the evolving threat landscape.
- Conduct periodic evaluations to report status against NIST CSF and relevant OMB memoranda.
- Provide recommendations for enhancing dashboards to improve visualization of security metrics.
- Offer expert guidance to ensure Risk Management Framework (RMF) practices are properly managed by system stakeholders.
- Five (5) or more years of experience with NIST security controls and information assurance.
- Two (2) or more years of direct experience supporting DHS CISA and HVA PMO.
- Four (4) or more years of experience working with High Value Assets (HVAs) within the NIST RMF process.
- Experience leading an HVA PMO team.
- Demonstrated expertise in developing federal and agency-level HVA documentation guidance and outreach.
- Security certification (or equivalent required).
- Strong understanding of:
- Information assurance cybersecurity and privacy methodologies.
- FISMA (Federal Information Security Modernization Act of 2014).
- NIST Risk Management Framework (RMF).
- NIST Cybersecurity Framework (CSF).
- HVA evaluation and standardization requirements.
- Ability to work with stakeholders to assess needs provide support and solve problems effectively.
- Familiarity with CSAM reporting and control management (Common Hybrid System-specific).
- Proficiency in Systems Analysis Business Analysis and Business Intelligence best practices.
- Effective verbal and written communication skills.
- Experience with data system design report generation and dashboard deployment.
- Skilled in analyzing data from multiple sources performing root cause analysis and drawing actionable insights.
- Proficient in tools and technologies including:
- SQL Microsoft SharePoint
- Tableau Power BI BI 360 Hyperion
- Microsoft Office Suite and SQL Reporting Services
Whats In It for You (full-time Gen3 employees):
- Competitive compensation.
- Comprehensive health vision and dental benefits.
- Generous PTO and 11 days of paid Federal Holidays.
- $3k annual tuition reimbursement.
- 401(k) with a matching plan.
- Pet insurance.
- Life and AD&D insurance.
- Short-term and Long-term disability insurance.
Employment Eligibility: Eligible to work for any employer in the United States without requiring sponsorship. Most of our positions require a government security clearance you must be a US Citizen or Green Card holder for consideration. Certain positions require at least three (3) of the past five (5) years of residence in the United States.
Other Requirements:
- A minimum of three (3) out of the past five (5) years of residency in the United States is mandatory.
- Candidates must possess either an active green card or citizenship.
- Prospective employees offered a position must have work authorization that does not necessitate employer-sponsored visa sponsorship both presently and in the future.
- Those selected for this role may undergo a government security investigation and must meet the eligibility criteria for accessing classified information or be eligible for security clearances.
- Location: Gen3 is currently focusing its hiring efforts in these states: Alabama Arizona Colorado DC Florida Georgia Kentucky Maryland Missouri North Carolina New York Ohio Oklahoma Oregon Texas Virginia and Wisconsin.
Veteran and HubZone-friendly employer.
E-Verify Employer. EOE Statement: Gen3 is an equal opportunity employer. We adhere to all federal regulations and ensure that our hiring practices are based solely on merit. We do not discriminate against any applicant based on race color sex sexual orientation gender identity religion national origin disability or veteran status. All qualified applicants will receive consideration for employment.
Accommodation: Please contact the recruiting team at if you would like to request a reasonable accommodation during the application or interviewing process.
Required Experience:
Manager
Employment Type
Full-Time
