Cybersecurity Governance Lead - FCC
Cybersecurity Governance Lead - FCC
Posted on :
07-08-2025
Employer Active
1 Vacancy
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Share
Send me jobs like this
Job Alert
You will be updated with latest job alerts via emailValid email field required
Send jobs
Monthly Salary
Not Disclosed
Salary Not Disclosed
Vacancy
1 Vacancy
Posted on :
07-08-2025
Job Description
cFocus Software seeks a Cybersecurity Governance Lead to join our program supporting the Federal Communications Commission (FCC). This position is remote.
Qualifications:
Duties:
Qualifications:
- Bachelors degree in Information Technology Cybersecurity Computer Science Information Technologies or other related fields
- Top Secret Clearance
- Certified Information Systems Security Professional (CISSP)
- 5 years of federal security audit related experience
- Working knowledge of the RMF Audit support Information Assurance Cloud deployments and Risk Management tools
- Possess the knowledge skills tasks and capabilities described in the work role Technology Program Auditing (OGWRL-106) as outlined in the NICE Work Role Framework
Duties:
- Assist with cybersecurity and privacy tasks incorporating the Risk Management Framework (RMF) for the authorization and accreditation of federal systems.
- Support reporting data calls and deliverables under the Federal Information Security Modernization Act (FISMA) ensuring compliance with all requirements and relevant laws.
- Design and implement risk management policies and procedures based on guidance from FISMA OMB Circular A-130 and current versions of NIST Special Publications
- Conduct Privacy Control Assessments in collaboration with security control assessments focusing on privacy controls per NIST SP 800-53 SP 800-37 OMB A-130 and federal requirements.
- Develop and implement automated Privacy Control Assessments to achieve continuous monitoring and minimize manual assessments.
- Provide customers with guidance on privacy requirements controls responsibilities and implementation methods.
- Analyze findings from privacy security control assessments (PSCA) and quantify the associated risk.
- Conduct Privacy Assessments provide input into System Security Plans (SSPs) Privacy Impact Assessments (PIAs) and Initial Privacy Assessments (IPA) and offer recommendations based on evaluations.
- Assist the Information System Security Officer (ISSO) with privacy-related duties including Systems of Records Notices (SORNs) Computer Matching Agreements (CMAs) and Third-Party Web Application PIAs (TPWA PIAs).
- Support the Cybersecurity Group with IT Security Awareness Training and Education of FCC personnel contractors and partners.
- Develop and communicate cybersecurity awareness messaging based on current and evolving cyber threats.
- Develop administer and conduct monthly phishing exercises.
- As requested facilitate and deliver New Employee cybersecurity and privacy training and other IT Security Training classes.
- Collaborate with the Cyber Threat Intelligence Team to deliver cyber threat briefings to key stakeholders.
- Create review and update training material and presentations to stay relevant to federal requirements and best practices
- Review update and analyze OCIO cybersecurity and privacy policies in line with federal laws regulations and standards considering unique business objectives.
- Guide policy development review and preparation of final reports.
- Collaborate with stakeholders system owners and FCC leadership to implement practical policies and procedures.
- Document recommendations for improving legal and regulatory compliance.
- Deliver executive briefs to FCC leadership and stakeholders.
- Use the FCC-accredited Enterprise Governance Risk and Compliance (eGRC) tool for effective risk management.
- Maintain regular communication with stakeholders to meet federal reporting requirements.
- Design analyze and implement the FCC Cybersecurity and Privacy Policy.
- Prepare policy reports outlining recommendations and directives from the CIO and CISO.
- Manage and update the Cybersecurity Groups internal policy SharePoint site or relevant document management system
- Assist in analyzing audit reports preparing responses and developing remediation plans.
- Plan and attend external auditor meetings.
- Collect evaluate and submit artifacts by due dates.
- Maintain an Audit Tracker Report to monitor audit status.
- Use the eGRC tool to manage audit data and respond to auditor requests.
- Prepare comprehensive responses and maintain communication with stakeholders
Required Experience:
Senior IC
Employment Type
Full-Time
Key Skills
Report This Job
Disclaimer: Drjobpro.com is only a platform that connects job seekers and employers. Applicants are advised to conduct their own independent research into the credentials of the prospective employer.We always make certain that our clients do not endorse any request for money payments, thus we advise against sharing any personal or bank-related information with any third party. If you suspect fraud or malpractice, please contact us via contact us page.
