Lead Compliance Specialist
Share
Job Location:
Washington, AR - USA
Monthly Salary:
Not Disclosed
Posted on:
6 hours ago
Vacancies:
1 Vacancy
Job Summary
Position: Lead Compliance Specialist
Location: Washington DC(Hybrid)
Duration: Long Term
Location: Washington DC(Hybrid)
Duration: Long Term
Job Description:
The Lead Compliance Specialist is responsible for the SAMHSA Information Security Program Plan Risk Management Framework execution Security Assessment and Authorization (SA&A) workflow FISMA reporting cadence policy development and lifecycle management and privacy program governance. This position serves as the Governments primary technical liaison on compliance matters and is the principal author of FISMA monthly quarterly and annual reports; the SAMHSA Information Security Program Plan; the NIST CSF Implementation Plan; SA&A authorization packages; and the Privacy program artifacts (PIA SORN PTA TPWA Privacy Act clearance reviews). Note: This Key Personnel position is filled from SAIC under the prime/sub teaming arrangement IF the kickoff-deck workshare allocation places PWS Tasks 5.1 5.2 5.3 5.4 5.5 5.6 and 5.8 with SAIC. Confirm with BD Lead before sourcing.
Mandatory Qualifications
Minimum five (5) years cybersecurity experience with progressive responsibility.
Solid working understanding of FISMA NIST publications (SP 800-53 Rev 5 SP 800-37 Rev 2 SP 800-137 SP 800-161 Rev 2) and federal privacy laws including the Privacy Act of 1974 and HIPAA.
Demonstrated experience processing Privacy Impact Assessments (PIAs) and System of Records Notices (SORNs) through the federal lifecycle (PTA > PIA > SORN publication in the Federal Register).
Demonstrated experience as principal author of FISMA reports submitted to a federal CIO/CISO at the agency or sub-agency level.
Experience with federal authorizing official engagement and ATO authorization package development.
The Lead Compliance Specialist is responsible for the SAMHSA Information Security Program Plan Risk Management Framework execution Security Assessment and Authorization (SA&A) workflow FISMA reporting cadence policy development and lifecycle management and privacy program governance. This position serves as the Governments primary technical liaison on compliance matters and is the principal author of FISMA monthly quarterly and annual reports; the SAMHSA Information Security Program Plan; the NIST CSF Implementation Plan; SA&A authorization packages; and the Privacy program artifacts (PIA SORN PTA TPWA Privacy Act clearance reviews). Note: This Key Personnel position is filled from SAIC under the prime/sub teaming arrangement IF the kickoff-deck workshare allocation places PWS Tasks 5.1 5.2 5.3 5.4 5.5 5.6 and 5.8 with SAIC. Confirm with BD Lead before sourcing.
Mandatory Qualifications
Minimum five (5) years cybersecurity experience with progressive responsibility.
Solid working understanding of FISMA NIST publications (SP 800-53 Rev 5 SP 800-37 Rev 2 SP 800-137 SP 800-161 Rev 2) and federal privacy laws including the Privacy Act of 1974 and HIPAA.
Demonstrated experience processing Privacy Impact Assessments (PIAs) and System of Records Notices (SORNs) through the federal lifecycle (PTA > PIA > SORN publication in the Federal Register).
Demonstrated experience as principal author of FISMA reports submitted to a federal CIO/CISO at the agency or sub-agency level.
Experience with federal authorizing official engagement and ATO authorization package development.
Preferred Qualifications
Direct experience supporting an HHS Operating Division (OpDiv) or Staff Division (StaffDiv)
Experience with HHS Privacy Compliance Officer (PCO) or Senior Agency Official for Privacy (SAOP) coordination
Experience with FedRAMP-authorized cloud environments and shared-responsibility model assessments
Familiarity with OMB privacy memoranda (M-17-12 M-22-09 M-24-04 M-24-10) and Executive Orders 14144 and 14306
Experience with continuous ATO (cATO) implementation and OSCAL machine-readable artifact production
Baltimore Cyber Range (BCR) Cybersecurity Technical Proficiency
Required Certifications (mandatory unless noted)
MANDATORY ONE OF: CISSP CAP Security CISM GSEC OR equivalent (DoD 8570 IAT Level II or higher; COR-approved equivalents permitted)
Active or recent Public Trust suitability
Recruiting Submission Checklist
Resume in TGI federal proposal format (chronological work history certifications education security clearances federal experience flag)
Signed Letter of Commitment (using template in Section 4 of this document)
Verified copies of required certifications (e.g. CISSP CAP CISM)
Public trust suitability status if currently held; HSPD-12 readiness statement if not
Contact information for two professional references (federal supervisors preferred)
Confirmation of availability within 30-day Transition-In window
Direct experience supporting an HHS Operating Division (OpDiv) or Staff Division (StaffDiv)
Experience with HHS Privacy Compliance Officer (PCO) or Senior Agency Official for Privacy (SAOP) coordination
Experience with FedRAMP-authorized cloud environments and shared-responsibility model assessments
Familiarity with OMB privacy memoranda (M-17-12 M-22-09 M-24-04 M-24-10) and Executive Orders 14144 and 14306
Experience with continuous ATO (cATO) implementation and OSCAL machine-readable artifact production
Baltimore Cyber Range (BCR) Cybersecurity Technical Proficiency
Required Certifications (mandatory unless noted)
MANDATORY ONE OF: CISSP CAP Security CISM GSEC OR equivalent (DoD 8570 IAT Level II or higher; COR-approved equivalents permitted)
Active or recent Public Trust suitability
Recruiting Submission Checklist
Resume in TGI federal proposal format (chronological work history certifications education security clearances federal experience flag)
Signed Letter of Commitment (using template in Section 4 of this document)
Verified copies of required certifications (e.g. CISSP CAP CISM)
Public trust suitability status if currently held; HSPD-12 readiness statement if not
Contact information for two professional references (federal supervisors preferred)
Confirmation of availability within 30-day Transition-In window
Best Regards
Ashok Kumar
Sr. Talent Acquisition Specialist
Email:
Web:
4229 Lafayette Center Dr Suite 1880 Chantilly VA 20151
Sr. Talent Acquisition Specialist
Email:
Web:
4229 Lafayette Center Dr Suite 1880 Chantilly VA 20151
