SAIC is seeking qualified personnel for an exciting opportunity in Atlanta, GA and Washington, D.C. SAIC will support the Department of Health and Human Services (HHS) cybersecurity mission to ensure HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance the program to ensure HHS has the capability and capacity to respond to new and emerging requirements, technologies and threats. If you are interested in working in this dynamic environment, please review the job description and requirements below and then let us hear from you.
The program manager is responsible for the efficient integration of technical and programmatic support functions, the successful implementation of governance process improvements, and delivering outcomes that result in the government achieving its strategic objectives. The program manager will:
• Manage and integrate activities in accordance with contract requirements
• Ensure technical, schedule, cost, and financial performance
• Define or contribute to the program baseline, then execute the program to comply with baseline requirements.
• Manage risk and customer relationships.
• Ensure compliance with quality standards and escalate challenges to leadership.
• Support business development and program staff management.
• Oversee day-to-day financial analysis of area operations.
Implement procedures for the efficient integration of technical and programmatic support functions, the successful implementation of governance process improvements, and delivering outcomes that result in the government achieving their strategic objectives.
The OS Data Guardian Program was established to provide a transparent, collaborative, innovative forum in which all OS StaffDivs can work together to solve problems and share ideas, to improve the overall security posture of the organization. The Data Guardian & Training Program Manager will be responsible for the following Data Guardian tasks:
• Assisting in the ongoing coordination of all Data Guardian Program Activities with specific experience in cybersecurity and/or privacy.
• Assisting in developing a program to promote and reinforce a consistent culture of security and privacy.
• Developing and providing communications enabling an effective conduit for information dissemination.
• Planning, establishing, and facilitating ongoing meetings and forums to stimulate open and solution-driven conversations regarding ongoing security and privacy issues and concerns. Establish agenda items and collect and maintain meeting minutes, notes, action plans, risks and issues for all engagements. Provide strong leadership, communication, and presentation skills to communicate to a wide range of participants.
• Collecting and disseminating privacy and security best practices, and providing a venue for knowledge sharing and training.
• Identifying, developing, and communicating a record and documentation of the current needs of the customer, both collectively and individually.
• Maintaining tracking and ongoing prioritization of identified issues. Track and communicate recommended solutions and progress.
• Providing analysis of the cybersecurity and privacy needs to identify risks, issues, and problem areas. Communicate these items of concern to the customer.
• Assisting in the ongoing Data Guardian program development and evolution as needs are recognized. Identify, create, and submit for review Standard Operating Procedures and templates needed for Data Guardian engagements.
Training management is required in support of Ongoing Authorization (OA). Our client wants you to engage stakeholders in the OA process and establish responsibilities for the various information security roles through ISSO Training. Training for ISSOs will be developed to support the operational duties of ISSOs to enhance the activities required for OA. The OA program around Cyber Security aims to control risks, threats, and vulnerabilities which may affect IT Assets.
The Data Guardian & Training Program Manager will be responsible for the following Training Management tasks:
• Engage stakeholders in the OA process and establish responsibilities for the various information security roles through ISSO Training. Training for ISSOs will be developed to support the operational duties of ISSOs to enhance the activities required for OA. The OA program around Cyber Security aims to control risks, threats, and vulnerabilities which may affect IT Assets.
• Identify and understand the necessary requirements for ISSOs.
• Develop a means to measure and assess the ISSO execution needs.
• Identify and assess the understanding of the Security training needs for OS.
• Develop a GAP training plan to ensure needs align to baseline requirements and standards.
• Develop and facilitate ISSO training programs. Establish content, training presentations, curriculum, training manuals, trainer guides, and associated material. Incorporate use of current processes and procedures with new Ongoing Authorization (OA) requirements to prepare ISSOs for additional OA responsibilities.
• Develop means to analyze and gauge training impact and performance through areas such as testing, assessments, interviews, surveys, and other applicable means.
• Plan, coordinate, facilitate, and execute ISSO training programs as directed by Government leads to recipients. Ensure coordination of training logistics including time, space, attendees, and resources.
• Develop, coordinate, and facilitate ongoing ISSO “Collaboration Partners” forums.
• Provide support to the OIS-OS Training and Awareness Compliance reporting team; coordinate, manage, track, and report Cybersecurity Awareness Training.
Bachelor’s degree or equivalent fourteen (14) or more years of experience. Five (5) years of successful project or program manager experience.
HHS uses many tools to implement security controls. Major applications that applicants must have experience with include:
• Applicants must have experience interpreting and directing follow-up vulnerability scans with Nessus and web application scans with DbProtect.
• Experience managing GRC with RSA Archer is desired; experience with some management dashboard, if not Archer, is required.
• Some experience with code security and interpreting Fortify reports is required
• Experience implementing NIST 800-53 controls is required
Candidates must be able to obtain a Public Trust security
Experience working within the Department of Health & Human Services