Director, Cyber Risk & Compliance
Business Group Highlights

Information Technology and Facilities

The IT group is strategically aligned to provide effective IT and Facilities support to the Perspecta business. The team is responsible for executing functions to ensure day-to-day IT support, to ensure technology standards are established and followed across the organization, and to manage assets and the confidentiality, integrity, security and availability of IT assets, information, data and services. Facilities supports environmental, health and safety operations to ensure safe, comfortable and productive work environments for Perspecta employees.

Responsibilities

The Director of Cyber Risk & Compliance (CRC) reports directly to the Corporate Chief Information Security Officer (CISO) within the Office of the Chief Information Officer (CIO).

The Director CRC will be responsible for synergizing compliance and processes for a merged company with legacy environments while continuously assessing and managing cybersecurity risk and the appropriate handling and securing of Corporate-managed data, including Controlled Unclassified Information (CUI).

The Director CRC will oversee the creation and revision of corporate information security policies, standards, and processes, as well as adherence to the Acceptable Use Standard that all employees and subcontractors must abide by.

The Director will apply oversight, direction, and contribution to the multiple security framework assessments that Perspecta must be compliant with and continuously monitor, to include NIST SP 800-171, Protecting Controlled Unclassified Information in Nonfederal Information Systems and Organizations (DFARS Cybersecurity Maturity Model Certification (CMMC) Level 3

The Director CRC will lead a team to create and provide annual enterprise Security Awareness Training, privileged and role-based training as applicable, as well as provide ongoing content, security updates and tips to the team's cybersecurity website.
This position will also be responsible for leading the corporate anti-phishing campaign.

The Director CRC will lead the Cyber Risk Management Steering Committee and will work with cross-functional teams within CISO and OCIO to continuously assess and maintain an appropriate cybersecurity risk posture, to include conducting risk assessments, presenting written and oral reports on assessments, presenting at Ops Reviews, and advising senior leadership on risk tolerance.

The Director will be responsible for providing sound advice and input for strategic changes within the OCIO and CISO organizations, to include interacting with various Perspecta business units.

This is primarily an onsite position in Chantilly, VA. However, pending workload requirements and COVID precautions, some remote work is a possibility.

Qualifications

Director level position: BS/BA with 16-18 years, MS with 14+ years, PhD with 10+ years
This position will be entertained as a Senior Manager for candidates with BS/BA with 12-15 years, MS with 10-13 years, PhD with 10+ years
15+ years in Cybersecurity with significant experience supporting federal government customers or contractors (Senior Manager must have at least 10+ years in Cybersecurity)
Experience with NIST and CMMC cybersecurity controls and frameworks
Experience creating and reviewing corporate-wide policies and documentation to adequately reflect an organization's maturity
Experience and knowledge of Department of Defense (DoD) or other applicable Federal government agency requirements, to include handling of Controlled Unclassified Information (CUI)
CISSP

For Colorado Residents

About Perspecta

What matters to our nation, is what matters to us. At Perspecta, everything we do, from conducting innovative research to cultivating strong relationships, supports one imperative: ensuring that your work succeeds.
Our company was formed to bring a broad array of capabilities to all parts of the public sector, from investigative services and IT strategy to systems work and next-generation engineering. Our promise is simple: never stop solving our nation's most complex challenges. And with a workforce of approximately 14,000, more than 48 percent of which is cleared, we have been trusted to do just that, as a partner of choice across the entire sector.

Perspecta is an AA/EEO Employer - All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

As a government contractor, Perspecta abides by the following provision:

Pay Transparency Nondiscrimination Provision

The contractor will not discharge or in any other manner discriminate against employees or applicants because they have inquired about, discussed, or disclosed their own pay or the pay of another employee or applicant. However, employees who have access to the compensation information of other employees or applicants as a part of their essential job functions cannot disclose the pay of the other employees or applicants to individuals who do not otherwise have access to compensation information, unless the disclosure is (a) in response to a formal complaint or charge, (b) in furtherance of an investigation, proceeding, hearing, or action, including an investigation conducted by the employer, or (c) consistent with the contractor's legal duty to furnish information. 41 CFR 60-1.35(c).
January 6 on Dice