Cyber Security Assessment SME
Overview
ERPi is a small business, dedicated to values of trust and integrity. Our mission is to deliver professional services as a trusted agent and expert enterprise program management services for Federal clients. At ERPi, we look for individuals who want to be a part of team and work collaboratively to offer creative solutions.
We are looking for an Cyber Security Assessment SME (Information Systems (IS)) Auditor to support our Client in Washington, DC. The CSA SME will create Privacy Controls Assessments (PCA) and Privacy Assessment Reports (PAR) for new and modified systems and projects against the SEC’s identified set of privacy controls.
- Responsible for the daily activities, implement practices and deadlines;
- Lead engagements with SEC system and business owners;
- Manage, conduct, and oversee assessments of privacy controls;
- Develop privacy control assessment plans and Privacy Assessment Reports (PAR) for said systems
- Perform assessments at the risk levels, privacy information management and remediation options to remove privacy risks
- Maintain documentation for each assessed system
Responsibilities
- A Bachelor's and 10+ years of relevant experience, or a Master's and 8+ years of relevant experience, primarily within control assessment and reporting in the Federal environment
- CISSP or CISA Certification
- Assessment management experience with information systems, and security and privacy controls
- Strong oral and written communication skills (briefings, presentations, and training sessions)
Desired Skills and Experience:
- Experience supporting customers in SEC is a plus
- Experience leading assessment teams
- Knowledgeable of the NIST Risk Management Framework (RMF)
- Certified in Governance of Enterprise IT (CGEIT)
- Certification(s) in Privacy (such as CIPP/US or CIPP/G), a plus
Clearance:
- This position requires US Citizenship; able to obtain a Public Trust clearance