ZERO TRUST PROCESS RE-ENGINEERING SME

Job Description

Job Description

ZERO TRUST PROCESS RE-ENGINEERING SME

MILITARY FRIENDLY & PREFERRED - HOH SPONSOR

SUMMARY:

Zermount Inc. is seeking a Zero Trust (ZT) Process Re-Engineer SME, you will provide subject matter expertise in the review and analysis of Executive Order's (EO's) (e.g., EO 14028), OMB Mandates (OMB M) (e.g., OMB M 22-09, M 21-31, etc.), Federal requirements and laws, and Department directives, policies, and process and developing Agency level policies, processes, procedures, standards, and guidelines. Collaborate with stakeholders to understand, document, and implement effective business processes in support of the Agency ZT initiative.

DUTIES & RESPONSIBILITIES:

The ZT Process Re-Engineering SME will lead provide the follow support and services:

• Assist with updates to the clients ZT roadmap and implementation plan.
• Review and interpret Executive Orders (EOs), OMB memos, Public Law (PL), DHS directives such as Binding Operational Directives (BODs), DHS Undersecretary Memos, NIST SPs, and recommended best practices and provide recommendations and potential solutions to meet requirements.
• Conduct gap analyses in existing Agency policy documentation (policies, processes, SOPs, standards, guidelines, white papers, and training) compliance with Cybersecurity mandates, requirements, and best practices; develop report and roadmap to meet compliance requirements and obtain client approval to implement appropriate policy documentation.
• Provide guidance and insights necessary for meeting requirements established through the OMB M's or EO's.
• Assist in the development of the enterprise ZT common Control Catalogue (CCC).
• Assist leadership with ZT initiative to include planning, scheduling, guidance, solutions, reporting, performance metrics, and recommendations.
• Assist and support for all internal and external ZT data calls, requests, audits, compliance, and updates - ensuring accurate information and statuses are obtained and provided.
• Manage the policy inquiry/intake mailbox or policy help desk.
• Support the client in interpreting and implementing IT public policy initiatives. Typical support includes assistance with long-term strategy development, tracking legislation, and making policy recommendations. Meet with customers often daily to relay progress and establish priorities.
• Track and resolve cybersecurity policy related questions.
• Conduct internal and external policy research to support help desk policy inquiries using various sources and approved documentation.
• Review, interpret, edit, create, and update cybersecurity policy related documents utilizing the Zermount Agile approach.
• Create new cybersecurity policy documents as needed to address identified gaps or changes emanating from EO's, OMB M's, NIST, DHS, or TSA mandates.
• Modify/update existing IAD cybersecurity-related policy standard operating procedures (SOPs), technical standards (TSs), management directives (MDs), CCSH, TSA Forms, Open-Source Software (OSS) guide, SSI Program and Privacy Office related document reviews, and related Notification Memos capturing summary of changes.

QUALIFICATIONS:

• A minimum of 10 years of IT cybersecurity experience, including direct support for the US Government and 5 years serving as a Policy Analyst for an enterprise IT system. 13 years if the candidate does not have a bachelor's degree.
• Knowledge of NIST Guidelines and FISMA Cybersecurity compliance requirements.
• Technical knowledge of complex enterprise IT systems.
• Knowledge and skill with Microsoft Suite such as Word, Excel, PowerPoint, Outlook and SharePoint management.
• Experience communicating effectively, both oral and written, with technical, non-technical, and executive-level customers.
• Knowledge of Zero Trust architecture, principles, and methodologies, EO 14028, OMB M 22-09, Federal, DoD, and CISA Zero Trust Architecture, Maturity Model, and Technical Reference Architectures.
• Experience with in-depth analysis of Cybersecurity, IT, and Risk Management principles, requirements, and principles.
• Ability to work independently and as part of a team.
• Ability to navigate complex and politically sensitive client environments with professionalism, patience, and tact.
• Demonstrated ability to effectively engage and manage relationships with highly political clients while maintaining a professional demeanor, exhibiting patience, and navigating sensitive situations with tact.
• Experience with Zero Trust principals, practices, and maturity model

EDUCATION:

Bachelor preferable but professional experience is Permitted.

• Minimum of a Bachelor of Science (or higher) in one of the following: computer engineering, computer science, IT, cyber security, or a related field.
  • Relevant years of experience may be used in substitution for situations where the candidate does not have a Bachelor's degree in the required field.

CERTIFICATIONS:

A minimum of at least one of the following certifications is required:

• Certified Information Security Manager (CISM)
• Certified Information Systems Security Professional (CISSP)
• Certificate of Cloud Security Knowledge (CCSK)
• Certified Chief Information Security Officer (CCISO)
• Similar certification.

CLEARANCE:

Minimum of an active Secret Clearance.

HOURS OF OEPRATION:

8:00 am EST - 4:30 pm EST