ClearFocus Technologies, a HUBZone certified company, is located in Leesburg, VA. We specialize in cybersecurity and support multiple government and commercial clients for a variety of missions. We value our clients, integrity and employees and believe a single person can make a difference!
We are committed to attracting and retaining the best and brightest talent who desire to work with industry-leading technology to stay on top of their profession. We provide an excellent benefits package that includes medical, dental, vision, paid time off, 401(k), paid professional development reimbursement and more!
We are currently looking for a Remote Risk and Compliance Associate Manager who will be responsible for conducting Security Control Assessments on a wide range of Federal information systems, including General Support Systems and major applications, based on NIST 800-53A. This role will include frequent interaction with client stakeholders and submission of critical client deliverables.
Roles & Responsibilities
- Conduct Security Control Assessment kickoff and outbrief meetings with key system stakeholders and client senior management
- Assess security controls for compliance with various Federal, Department, and client level security requirements
- Develop critical client deliverables including Security Assessment Plans, Security Requirements Traceability Matrices, and Security Assessment Reports
- Provide recommendations to better secure Federal systems
- Must possess at least 5 years of relevant work experience and a bachelor's degree in a related field from an accredited university
- Security-related certification (Security+, CISSP, CISA, etc.)
- At least 5 years of experience conducting Security Control Assessments or similar system assessments/audits on Federal (civil) information systems
- At least 5 years of experience performing Risk Assessments
- Knowledge of NIST security publications
- Excellent written and verbal skills
- US Citizen, Public Trust preferred
- Experience preparing for or conducting a NIST, FedRAMP, or DIACAP security assessment, or security breach investigation
- Knowledge of security vendors and security product capabilities
- Exposure to Governance, Risk and Compliance tools and platforms