Job Title: Information Security and Privacy Group (ISPG) Lead
Location: Bethesda, MD (On-site with some flexibility for remote work)
Duration: Long Term Contract
Position Overview
Our company is seeking an experienced and dynamic Information Security and Privacy Group (ISPG) Lead to work on a cybersecurity program for a government agency client. This individual will play a critical role in ensuring the security of sensitive information, maintaining privacy standards, and safeguarding research platforms. The ISPG Lead will support the agency’s cybersecurity policies and ensure compliance with federal regulations and guidelines.
Key Responsibilities
- Leadership: Manage the Information Security and Privacy Group, overseeing a team of cybersecurity professionals.
- Cybersecurity Strategy: Develop and implement cybersecurity strategies that align with the client’s mission and goals.
- Policy Management: Draft, review, update, and maintain security policies, procedures, guidelines, and materials that meet federal regulations and cybersecurity best practices.
- Compliance & Governance: Ensure all systems adhere to privacy and security compliance requirements such as FISMA, HIPAA, and NIST standards.
- Risk Management: Identify, assess, and mitigate risks associated with IT systems and privacy-related information across all platforms.
- Incident Response: Oversee incident response plans, ensuring a rapid and coordinated response to security breaches.
- Executive Communication: Provide executive-level briefings on security posture, risk assessments, and ongoing privacy initiatives.
- Stakeholder Collaboration: Collaborate with internal and external stakeholders, including federal agencies, researchers, and IT teams to enhance security and privacy practices.
Required Qualifications
- Experience: 10 or more years of experience in information technology security, with at least 5 years directly supporting a Federal Agency.
- Leadership: Demonstrated experience in managing personnel and cybersecurity teams.
- Briefing Experience: Strong experience leading and providing executive-level briefings and communications.
- Knowledge: Deep understanding of NIST standards (800-53, 800-37, 800-61), FISMA, and federal IT security and privacy regulations.
- Technical Proficiency: Ability to evaluate, recommend, and implement cybersecurity tools and technologies, with a focus on continuous diagnostics and mitigation (CDM).
Preferred Qualifications
- Education: Bachelor of Science in Computer Science, Information Technology, or a related field.
- Certifications: Certification as a Certified Information Privacy Professional (CIPP) or Certified Information Privacy Manager (CIPM) or equivalent.
- Skills: Strong written and verbal communication skills, along with excellent problem-solving abilities.