- Washington, DC, USA
- Clearance Level: Top Secret
MindPoint Group has been focused on Cybersecurity consulting since its inception. We are the trusted cybersecurity advisors to key government and commercial decision-makers. MindPoint Group supports security operations for the most security-conscious organizations in the world, and we design and implement innovative security solutions to defend against today’s risks, and tomorrow’s potential attacks.
We believe that helping organizations operate from the best security posture possible requires automation. We believe that empowering our employees to excel and providing them with the means to do so enables MindPoint Group to consistently exceed our clients’ expectations.
Unlike many IT consultancies, we’re not a body shop. Our client engagements are challenging and growth-oriented. Our relationship with you is for the long run because in this business, your success is our success. That’s why we treat investments in employees as investments in the company itself, which is why we offer fantastic benefits (healthcare, generous PTO, paid maternity and paternity leave, and tuition reimbursement to name a few).
But you’ll want to work here for reasons that can’t be written into an offer letter—the challenge, growth opportunities, and most important: the culture of a company that cares about you.
We are an established, profitable, and growing company that promises you the following:
- A diverse organization.
- A safe workplace with zero tolerance for discrimination and harassment of any kind.
- A balanced work life. Seriously.
- Potential of a flexible schedule, depending on client.
- A leadership team that is focused on your professional growth and development.
We’re looking for a dynamic, confident up-and-coming CISO. In this role, you will:
- Serve as a trusted advisor to the CISO and Deputy CISO as an expert in the field of information assurance and cybersecurity.
- Represent the Department in working groups and cybersecurity committees that are tackling the government’s current and emerging challenges such as maturing the CDM program, automating the ATO process, and developing and implementing enterprise security services.
- Lead the development of the Department’s program for identifying, protecting, and monitoring its High Value Assets (HVAs).
- Oversee and manage day-to-day operation of information systems, including advanced technical assistance.
- Perform control reviews, security audits, evaluations, and risk assessments of sensitive and complex operational systems and facilities, and provide recommendations for remediating detected vulnerabilities.
- Conduct application, system, and network security assessments, analyses, authorizations, and evaluations in classified and sensitive environments.
- Develop requirements and specifications for reviewing and approving procurement requests, major systems development activities, telecommunications hardware and software, and hardware and software encryption techniques on the basis of security concerns.
- Broadly assess technology to ensure security vulnerabilities are identified and remediated.
- Analyze and optimize system operation and resource utilization, and perform system capacity planning/analysis while maintaining the security posture.
- Provide Automated Indicator Sharing (AIS) and client network guidance, training, research and recommendations.
- Support specific technical reviews for non-standard operational requirements and systems, including design, development, and maintenance of unique security assessment tools and conducting assessments.
- Minimum 6 years of general work experience and 3 years of relevant experience.
- Bachelor’s Degree, or an equivalent combination of formal education and experience (eight years of experience in the Functional Responsibility area may be substituted for a Bachelor’s Degree). A Master’s Degree may be substituted for 4 years of general work experience.
- Minimum of a Secret security clearance.
- Well-versed in risk management, with experience working with the SDLC and performing security tasks throughout.
- Experience with and working understanding of FISMA compliance, experience conducting all phases of Certification and Accreditation and creating documentation in accordance with NIST guidance.
- Well versed with NIST publications, OMB circulars and memoranda, and CNSS publications and their requirements and impact on system security.
- Understanding of and experience with CSAM is a plus.
- Strong analytical and organizational skills.
- Concise writing skills.
All your information will be kept confidential according to EEO guidelines.