Jan 14
Top Secret
Mid Level Career (5+ yrs experience)
IT - Security
Springfield, VA (On/Off-Site)
Cybersecurity Specialist ‐ Senior Level(Key Person Task Area Lead)
Task Area 6: Component Risk Management and Compliance / Senior Risk Analyst
Certification Required:
* CISSP or CISM or CSSP or CAP
Security Clearance Required:
* Top Secret
Required Years of Experience:
* 8
Job Location:
* Currently remote due to COVID and building renovations. Must be in or willing to move to the National Capital Region within the DC Metropolitan area.
Education Requirement:
* Bachelor's Degree in Computer Science or related field
Job Description:
* Support Process Improvements & automations for the OA Program and monitors DHS MGMT systems OA requirements
* Provide Customer Service Support on internal DHS processes, methodologies, and guidance.
* Provide architecture advisement to the government including, but not limited to, network security and engineering, active directory design and implementation, application integration, and system hierarchy.
* Leverage the DHS ticketing system to track all work requests and projects ensuring work efforts are documented.
* Participate, plan, and attend various Working Group meetings.
* Engage with and support Continuous Monitoring Working Group (CMWG) or/and Compliance Working Group (CWG) meetings discussing related information on Continuous Monitoring processes and DHS Component feedback.
* Participate in Performance Plan Working Group by reviewing current metrics, recommending updates with justification.
* Organize, prepare, participate in, and sometimes run the monthly Organizational Risk Management Board (ORMB) meeting to include release of meeting minutes to attendeesMethodologies, Strategic Plans, Guidance documents and policy memos with security authorizations, inventory, security training program, policy, and procedures and guidelines.
* Review and analyze DHS policy to identify discrepancies.
* Develop, maintain, and update Guidance, Standard Operating Procedures, Templates, Knowledge documents, How-to guides, FAQs, and Trainings
* Develop, maintain and update POA&M operating procedures to review POA&M weakness remediation activity for effectiveness and quality.
* Develop documentation and provide trainings for various subject areas as requested by Federal Lead on a schedule or on an ad hoc basis.
* Develop and update relevant FISMA Compliance SOPs on a quarterly basis.
* Manage and update Remediation Plan Guidance, SOPs, Trainings and Templates
* Provide guidance and support to all MGMT systems on Ongoing Authorization (OA) processes and procedures.
* Draft and propose Standard Operational Procedures (SOP) as requested by the government and shall review/update all SOPs annually.
* Develop ATO security authorization Packages and other compliance documents to be routed for approvals and signature.
* Review Ongoing Authorization documents and develop the OA Submission package and its contents.
* Create and deploy custom reports and dashboards, working with the government points of contact, to provide specific content to the government on a need-basis.
* Utilize available data analytics tools to create custom dashboards, risk models and reports.
* Compile data, organize information, and prepare routine reports per required.
* frequency for review and submission by federal staff.
* Compile data, organize information, and prepare ad hoc reports for review and submission by federal staff.
* Prepare decision memos and compile analysis artifacts.
* Draft analysis findings, presentations, point papers, after action reports, gap analysis, business impact analysis and other analytics documentation as directed.
* Assist federal staff in identifying reporting processes which can be automated for better efficiency and reduced resource cost.
* Maintain associated task and request trackers per required frequency.
* Prepare reports on the aggregate risk for systems in supported programs.
* Develop and maintain weekly Executive POAM Report Dashboards
* Attend and support weekly project/system meetings focused on security systems as identified by the Federal Compliance Manager.
* Provide weekly/monthly reports, meeting minutes, user feedback and propose process improvements accordingly to Federal Lead
* Attend SDLC/SELC project meetings for each DHS system, review system business requirements against NIST and DHS security controls requirements to identify gaps and discuss solutions/mitigations, risk rate the identified gaps and raise risks to the Federal Compliance Manager and Federal Information System Security Manager.
* Attend weekly Compliance Team meetings and provide reports in the approved format on the status of requested FISMA Compliance activities.
* Manage and track the POA&M Risk Board Schedule, Plan, host and provide meeting minutes and action items on POA&M Meetings
* Report weekly and monthly with a summary of the PRB progress as defined by Federal POA&M Lead.
* Analyze continuous monitoring, configuration management, vulnerability management, asset management, software management and self-reported data to identify trends and anomalies cybersecurity performance and mitigation of risk.
* Provide research and development support of data analytic and data management technologies including those associated with collecting, analyzing, parsing, and reporting large volumes of data that may support the DHS CISOD Continuous Monitoring team, as well as DHS Component Continuous Monitoring teams.
* Provides guidance, reviews and tracks POA&M Consolidation and Remediation Plans for MGMT Systems to ensure proper remediation planning and POA&M consolidation for the FY CIO POA&M Sprint
* Boundary Consolidation Team provides guidance and reviews requests for boundary creation, consolidation and/or major changes to MGMT FISMA Boundaries
* Provides priorities to ISSOs based on the CISOD program priorities established by the Federal Compliance Manager.
* Review information system and program security plans, assessments, risk packages, self-assessments, POAMs and continuous monitoring data to validate risk remediation performance and management.
* Review information system and program POAMs closure waiver, and risk acceptance requests to validate information and advise federal staff on the soundness of request justification and evidence.
* Review DHS MGMT FISMA Inventory Change Request prior to submission to the MGMT Compliance Designee for processing
* Provide quality assurance of all security authorization documentation and other documentation that supports the system.
* Review, analyze and manage DHS Performance Plan Metrics for assigned programs and systems; report any discrepancies to the Federal Compliance Manager, ISSO and ISSM.
* Provide oversight of vulnerability and weakness management for MGMT systems.
* Provide risk determinations in support of security authorization, weakness remediation, and audit activities.
* •Perform security impact analysis based on changes to information systems.
* Monitor the gates or phases in the System Lifecycle Management (SLM) process and prepare the Information System Security Manager and the Federal Compliance Manager with outstanding issues and risks identified in the process prior to concurrence on system readiness.
* Update all pertinent information for all system within the DHS MGMT FISMA portfolio repository.
* Update and maintain tasks and project status on the DHS Headquarters Compliance Team SharePoint Site daily or as suggested by Federal Compliance Manager.
* Review and analyze Department Crystal Reports weekly and report any discrepancies to the ISSM, ISSO and Compliance Manager.
* Perform quality reviews of the remediation plans for accuracy, quality, feasibility, and completeness.
* Review POA&M quality against quality metrics to ensure accurate entry into DHS FISMA Compliance Tool and track remediation action on POA&Ms to completion.
* Be able to read raw scans and remediation artifacts to determine if the weakness has been mitigated or resolved.
* Review, route, process, and upload (in FISMA Compliance tool) all MGMT waivers and POA&M Closures
* Ensure the MGMT OA Program strictly abides by the
* DHS Ongoing Authorization Methodology.
* Validate the System Control Allocation Table (CAT) is accurate and corresponds to the annual OA assessment frequency requirements.
* Conduct monthly reviews of Ongoing Authorization systems to ensure they are meeting Ongoing Authorization program requirements.
* Review Ongoing Authorization documents and develop Submission package and its contents.
* Provide oversight and are the primary point of escalation for the systems in their program portfolio.
* Provide regular (weekly) reports summarizing the adherence to agreed-upon schedules. The report shall include detailed summaries of length and number of delays and recommendations for "get- well" plans. Additionally, the reports shall summarize the work completed and milestones met to include metrics.
* Reporting priorities and status of deliverables for all systems to the Federal CISOD PM/DPM, the Federal Compliance Manager, and the Contractor PM Informing stakeholders of system related compliance activities, i.e., FISMA scorecard, Plan of Action and Milestones (POA&M) resolution issues, Authority to Operate (ATO), Contingency and Contingency Test Plan and Privacy Threshold Analysis (PTA) expirations.
* Provide weekly report on outstanding tickets from MGMT tracker Informing stakeholders of system related compliance activities, i.e., FISMA scorecard, Plan of Action and Milestones (POA&M) resolution issues, Authority to Operate (ATO), Contingency and Contingency Test Plan and Privacy Threshold Analysis (PTA) expirations.
* Advise and send monthly correspondence to stakeholders on expired and upcoming expiring CP/CPT and Privacy documents.
* Provide monthly ISPP quality issues to ISSOs.
* Prepare and process Information System Security Officers (ISSO), Information System Security Manager (ISSM), and System Owner Designation Letters.
* Conduct annual assessments as required for OA assessments.
Additional Support:
* Review material submitted by HQ components prior to inspections and or assessments.
* Complete inspections and or assessments within the scheduled as determined by the CSP team and Federal Management.
* Assess CSP and other system capabilities against accreditation criteria.
* The CSP assessment team will need to work to become as familiar as possible within the given timeframe with capabilities and technologies being assessed to enable them to ask relevant questions and derive results.
* Generate post-assessment reports for the PMO within 10 days or an alternative time designated based on the inspection and or assessment and mutually agreed by the federal lead.
* Identify trends and improvement opportunities based on assessments results.
* Provide feedback to the PMO on process improvements and recommendations for future changes to the CSP and or assessment criteria.
* Ensure Compliance with all NIST RMF and DHS Cybersecurity policy and accreditation requirements using auditing tools such as ACAS, STIGS, etc.
* Prepare documents such as charters, agendas, presentations, and memorandum.
* Maintain distribution groups, points of contact lists, and group membership listings.
* Publish messages and notifications to the DHS community.
* Coordinate with the CISOD Business Offices to route and track communications with executives and HQ components.
* Create and maintain forms, document templates and a register for CISOD forms and templates which support cybersecurity activities throughout the department.
* Prepare, track, and provide status reports on data calls.
* Develop, maintain, and update Standard Operating Procedures (SOPs), handbooks, ConOps and instructions for all internal processes.
* Keep up to date internal SOP/documentations of all processes at a location specified by the Federal Lead (SharePoint, Shared Folder, Knowledgebase, etc.).
* Generate meetings minutes as requested.
* Follow and leverage the internal DHS processes to perform their duties.
* Create and deploy custom reports and dashboards, working with the government points of contact, to provide specific content to the government on a need by basis and as otherwise specified by the Federal Leads on a set frequency.
* Provide weekly and ad hoc reports summarizing the adherence to agreed-upon schedules.
> The report shall include detailed summaries of:
* length and number of delays
* recommendations for "get-well" plans
* Additionally, the reports shall summarize the work completed and milestones met to include metrics.
* Generate trending and ad-hoc reports as requested. Reporting includes extracting data from the CISOD databases, designing, developing, and implementing automated reports. Data being reported may represent subsets of the overall Performance reporting or new/unique data sets based on entire compliance data stored within the supporting tools.
* Engage and support in planning and coordinating the various Working Group Meetings
* Provide guidance and recommendations to Federal SMEs on processes and projects.
* Provide customer service support to DHS Enterprise by responding and resolving DHS Helpdesk tickets.
* Support modernization of all Cybersecurity processes and methodologies to be employed across the Enterprise and MGMT
* Collaborate and coordinate successfully with other contract vendors and Government personnel.
* Respond to component questions via helpdesk tickets, Microsoft Teams messages, emails, and phone calls.
* Provide recommendations and feedback on the DHS policies.
* Provide, develop, maintain, update, store, and distribute weekly/monthly/quarterly/ad-hoc reports, meeting minutes, user feedback as requested by the Federal Lead.
* Propose process improvements accordingly to Federal Lead.
* Support Cybersecurity process innovation and automation to support the new Cybersecurity processes and methodologies that will be developed in automated tools.
* Develop, update, maintain and provide training materials and resources to provide guidance to DHS Enterprise and MGMT on subject areas.
* Develop, maintain, update, store, and distribute Standard Operating Procedures for all routine activities to ensure standardization of activities and enable the transition of activities across members of the team.
* Develop metrics and recommend improvements for tracking progress on cybersecurity subject areas and programs.
* Develop and maintain weekly Executive reports and PMR reports.
* Attend Working Groups, meetings and discussions and provide feedback and ideas for improvements.
* Develop unique Cybersecurity training materials and resources to provide guidance regarding process, documentation and understanding of responsibilities. This can be provided in-person, online or on a training platform like the Performance and Learning Management System (PALMS) or the Federal Virtual Training Environment (FedVTE).
* Develop trainings for users across HQ components based on the new changes recommended by DHS Management for this FY.
* Develop and maintain Key Performance Indicators (KPI) and metrics to evaluate the performance and identify key areas of improvements in the subject areas or programs. Recommend changes to improve the quality and reduce the level of effort and elapsed time required for approved metrics weekly to the Federal Lead.
* Develop metric reports to evaluate Cybersecurity Risk management and
* Scorecard progress on weekly/monthly basis.
* Collaborate with other teams to ensure that Cybersecurity processes are effectively maintained and tracked.
* Work with DHS Enterprise to identify, develop, and implement Cybersecurity programs best practices, and general guidance for use across the federal government.
* Support current and future enhancements and transition of DHS CISOD tools and requirements.
Task Area 6: Component Risk Management and Compliance / Senior Risk Analyst
Certification Required:
* CISSP or CISM or CSSP or CAP
Security Clearance Required:
* Top Secret
Required Years of Experience:
* 8
Job Location:
* Currently remote due to COVID and building renovations. Must be in or willing to move to the National Capital Region within the DC Metropolitan area.
Education Requirement:
* Bachelor's Degree in Computer Science or related field
Job Description:
* Support Process Improvements & automations for the OA Program and monitors DHS MGMT systems OA requirements
* Provide Customer Service Support on internal DHS processes, methodologies, and guidance.
* Provide architecture advisement to the government including, but not limited to, network security and engineering, active directory design and implementation, application integration, and system hierarchy.
* Leverage the DHS ticketing system to track all work requests and projects ensuring work efforts are documented.
* Participate, plan, and attend various Working Group meetings.
* Engage with and support Continuous Monitoring Working Group (CMWG) or/and Compliance Working Group (CWG) meetings discussing related information on Continuous Monitoring processes and DHS Component feedback.
* Participate in Performance Plan Working Group by reviewing current metrics, recommending updates with justification.
* Organize, prepare, participate in, and sometimes run the monthly Organizational Risk Management Board (ORMB) meeting to include release of meeting minutes to attendeesMethodologies, Strategic Plans, Guidance documents and policy memos with security authorizations, inventory, security training program, policy, and procedures and guidelines.
* Review and analyze DHS policy to identify discrepancies.
* Develop, maintain, and update Guidance, Standard Operating Procedures, Templates, Knowledge documents, How-to guides, FAQs, and Trainings
* Develop, maintain and update POA&M operating procedures to review POA&M weakness remediation activity for effectiveness and quality.
* Develop documentation and provide trainings for various subject areas as requested by Federal Lead on a schedule or on an ad hoc basis.
* Develop and update relevant FISMA Compliance SOPs on a quarterly basis.
* Manage and update Remediation Plan Guidance, SOPs, Trainings and Templates
* Provide guidance and support to all MGMT systems on Ongoing Authorization (OA) processes and procedures.
* Draft and propose Standard Operational Procedures (SOP) as requested by the government and shall review/update all SOPs annually.
* Develop ATO security authorization Packages and other compliance documents to be routed for approvals and signature.
* Review Ongoing Authorization documents and develop the OA Submission package and its contents.
* Create and deploy custom reports and dashboards, working with the government points of contact, to provide specific content to the government on a need-basis.
* Utilize available data analytics tools to create custom dashboards, risk models and reports.
* Compile data, organize information, and prepare routine reports per required.
* frequency for review and submission by federal staff.
* Compile data, organize information, and prepare ad hoc reports for review and submission by federal staff.
* Prepare decision memos and compile analysis artifacts.
* Draft analysis findings, presentations, point papers, after action reports, gap analysis, business impact analysis and other analytics documentation as directed.
* Assist federal staff in identifying reporting processes which can be automated for better efficiency and reduced resource cost.
* Maintain associated task and request trackers per required frequency.
* Prepare reports on the aggregate risk for systems in supported programs.
* Develop and maintain weekly Executive POAM Report Dashboards
* Attend and support weekly project/system meetings focused on security systems as identified by the Federal Compliance Manager.
* Provide weekly/monthly reports, meeting minutes, user feedback and propose process improvements accordingly to Federal Lead
* Attend SDLC/SELC project meetings for each DHS system, review system business requirements against NIST and DHS security controls requirements to identify gaps and discuss solutions/mitigations, risk rate the identified gaps and raise risks to the Federal Compliance Manager and Federal Information System Security Manager.
* Attend weekly Compliance Team meetings and provide reports in the approved format on the status of requested FISMA Compliance activities.
* Manage and track the POA&M Risk Board Schedule, Plan, host and provide meeting minutes and action items on POA&M Meetings
* Report weekly and monthly with a summary of the PRB progress as defined by Federal POA&M Lead.
* Analyze continuous monitoring, configuration management, vulnerability management, asset management, software management and self-reported data to identify trends and anomalies cybersecurity performance and mitigation of risk.
* Provide research and development support of data analytic and data management technologies including those associated with collecting, analyzing, parsing, and reporting large volumes of data that may support the DHS CISOD Continuous Monitoring team, as well as DHS Component Continuous Monitoring teams.
* Provides guidance, reviews and tracks POA&M Consolidation and Remediation Plans for MGMT Systems to ensure proper remediation planning and POA&M consolidation for the FY CIO POA&M Sprint
* Boundary Consolidation Team provides guidance and reviews requests for boundary creation, consolidation and/or major changes to MGMT FISMA Boundaries
* Provides priorities to ISSOs based on the CISOD program priorities established by the Federal Compliance Manager.
* Review information system and program security plans, assessments, risk packages, self-assessments, POAMs and continuous monitoring data to validate risk remediation performance and management.
* Review information system and program POAMs closure waiver, and risk acceptance requests to validate information and advise federal staff on the soundness of request justification and evidence.
* Review DHS MGMT FISMA Inventory Change Request prior to submission to the MGMT Compliance Designee for processing
* Provide quality assurance of all security authorization documentation and other documentation that supports the system.
* Review, analyze and manage DHS Performance Plan Metrics for assigned programs and systems; report any discrepancies to the Federal Compliance Manager, ISSO and ISSM.
* Provide oversight of vulnerability and weakness management for MGMT systems.
* Provide risk determinations in support of security authorization, weakness remediation, and audit activities.
* •Perform security impact analysis based on changes to information systems.
* Monitor the gates or phases in the System Lifecycle Management (SLM) process and prepare the Information System Security Manager and the Federal Compliance Manager with outstanding issues and risks identified in the process prior to concurrence on system readiness.
* Update all pertinent information for all system within the DHS MGMT FISMA portfolio repository.
* Update and maintain tasks and project status on the DHS Headquarters Compliance Team SharePoint Site daily or as suggested by Federal Compliance Manager.
* Review and analyze Department Crystal Reports weekly and report any discrepancies to the ISSM, ISSO and Compliance Manager.
* Perform quality reviews of the remediation plans for accuracy, quality, feasibility, and completeness.
* Review POA&M quality against quality metrics to ensure accurate entry into DHS FISMA Compliance Tool and track remediation action on POA&Ms to completion.
* Be able to read raw scans and remediation artifacts to determine if the weakness has been mitigated or resolved.
* Review, route, process, and upload (in FISMA Compliance tool) all MGMT waivers and POA&M Closures
* Ensure the MGMT OA Program strictly abides by the
* DHS Ongoing Authorization Methodology.
* Validate the System Control Allocation Table (CAT) is accurate and corresponds to the annual OA assessment frequency requirements.
* Conduct monthly reviews of Ongoing Authorization systems to ensure they are meeting Ongoing Authorization program requirements.
* Review Ongoing Authorization documents and develop Submission package and its contents.
* Provide oversight and are the primary point of escalation for the systems in their program portfolio.
* Provide regular (weekly) reports summarizing the adherence to agreed-upon schedules. The report shall include detailed summaries of length and number of delays and recommendations for "get- well" plans. Additionally, the reports shall summarize the work completed and milestones met to include metrics.
* Reporting priorities and status of deliverables for all systems to the Federal CISOD PM/DPM, the Federal Compliance Manager, and the Contractor PM Informing stakeholders of system related compliance activities, i.e., FISMA scorecard, Plan of Action and Milestones (POA&M) resolution issues, Authority to Operate (ATO), Contingency and Contingency Test Plan and Privacy Threshold Analysis (PTA) expirations.
* Provide weekly report on outstanding tickets from MGMT tracker Informing stakeholders of system related compliance activities, i.e., FISMA scorecard, Plan of Action and Milestones (POA&M) resolution issues, Authority to Operate (ATO), Contingency and Contingency Test Plan and Privacy Threshold Analysis (PTA) expirations.
* Advise and send monthly correspondence to stakeholders on expired and upcoming expiring CP/CPT and Privacy documents.
* Provide monthly ISPP quality issues to ISSOs.
* Prepare and process Information System Security Officers (ISSO), Information System Security Manager (ISSM), and System Owner Designation Letters.
* Conduct annual assessments as required for OA assessments.
Additional Support:
* Review material submitted by HQ components prior to inspections and or assessments.
* Complete inspections and or assessments within the scheduled as determined by the CSP team and Federal Management.
* Assess CSP and other system capabilities against accreditation criteria.
* The CSP assessment team will need to work to become as familiar as possible within the given timeframe with capabilities and technologies being assessed to enable them to ask relevant questions and derive results.
* Generate post-assessment reports for the PMO within 10 days or an alternative time designated based on the inspection and or assessment and mutually agreed by the federal lead.
* Identify trends and improvement opportunities based on assessments results.
* Provide feedback to the PMO on process improvements and recommendations for future changes to the CSP and or assessment criteria.
* Ensure Compliance with all NIST RMF and DHS Cybersecurity policy and accreditation requirements using auditing tools such as ACAS, STIGS, etc.
* Prepare documents such as charters, agendas, presentations, and memorandum.
* Maintain distribution groups, points of contact lists, and group membership listings.
* Publish messages and notifications to the DHS community.
* Coordinate with the CISOD Business Offices to route and track communications with executives and HQ components.
* Create and maintain forms, document templates and a register for CISOD forms and templates which support cybersecurity activities throughout the department.
* Prepare, track, and provide status reports on data calls.
* Develop, maintain, and update Standard Operating Procedures (SOPs), handbooks, ConOps and instructions for all internal processes.
* Keep up to date internal SOP/documentations of all processes at a location specified by the Federal Lead (SharePoint, Shared Folder, Knowledgebase, etc.).
* Generate meetings minutes as requested.
* Follow and leverage the internal DHS processes to perform their duties.
* Create and deploy custom reports and dashboards, working with the government points of contact, to provide specific content to the government on a need by basis and as otherwise specified by the Federal Leads on a set frequency.
* Provide weekly and ad hoc reports summarizing the adherence to agreed-upon schedules.
> The report shall include detailed summaries of:
* length and number of delays
* recommendations for "get-well" plans
* Additionally, the reports shall summarize the work completed and milestones met to include metrics.
* Generate trending and ad-hoc reports as requested. Reporting includes extracting data from the CISOD databases, designing, developing, and implementing automated reports. Data being reported may represent subsets of the overall Performance reporting or new/unique data sets based on entire compliance data stored within the supporting tools.
* Engage and support in planning and coordinating the various Working Group Meetings
* Provide guidance and recommendations to Federal SMEs on processes and projects.
* Provide customer service support to DHS Enterprise by responding and resolving DHS Helpdesk tickets.
* Support modernization of all Cybersecurity processes and methodologies to be employed across the Enterprise and MGMT
* Collaborate and coordinate successfully with other contract vendors and Government personnel.
* Respond to component questions via helpdesk tickets, Microsoft Teams messages, emails, and phone calls.
* Provide recommendations and feedback on the DHS policies.
* Provide, develop, maintain, update, store, and distribute weekly/monthly/quarterly/ad-hoc reports, meeting minutes, user feedback as requested by the Federal Lead.
* Propose process improvements accordingly to Federal Lead.
* Support Cybersecurity process innovation and automation to support the new Cybersecurity processes and methodologies that will be developed in automated tools.
* Develop, update, maintain and provide training materials and resources to provide guidance to DHS Enterprise and MGMT on subject areas.
* Develop, maintain, update, store, and distribute Standard Operating Procedures for all routine activities to ensure standardization of activities and enable the transition of activities across members of the team.
* Develop metrics and recommend improvements for tracking progress on cybersecurity subject areas and programs.
* Develop and maintain weekly Executive reports and PMR reports.
* Attend Working Groups, meetings and discussions and provide feedback and ideas for improvements.
* Develop unique Cybersecurity training materials and resources to provide guidance regarding process, documentation and understanding of responsibilities. This can be provided in-person, online or on a training platform like the Performance and Learning Management System (PALMS) or the Federal Virtual Training Environment (FedVTE).
* Develop trainings for users across HQ components based on the new changes recommended by DHS Management for this FY.
* Develop and maintain Key Performance Indicators (KPI) and metrics to evaluate the performance and identify key areas of improvements in the subject areas or programs. Recommend changes to improve the quality and reduce the level of effort and elapsed time required for approved metrics weekly to the Federal Lead.
* Develop metric reports to evaluate Cybersecurity Risk management and
* Scorecard progress on weekly/monthly basis.
* Collaborate with other teams to ensure that Cybersecurity processes are effectively maintained and tracked.
* Work with DHS Enterprise to identify, develop, and implement Cybersecurity programs best practices, and general guidance for use across the federal government.
* Support current and future enhancements and transition of DHS CISOD tools and requirements.
group id: 10109450
