Security Policy and Compliance Lead

Valiant Solutions is seeking a Security Policy and Compliance Lead to join our growing team. This is your opportunity to lead efforts in selecting effective countermeasures for minimizing potential risks for a large federal agency. This challenge involves selecting the right measures to offset risk while keeping budget and security in mind.  You will work with our clients daily and must be prepared to gather and recommend requirements and develop solutions using knowledge and experience. This role involves leading the development of IT security policy, procedure, and updating these documents based on a schedule.

The successful candidate will have expert knowledge of NIST Policies, IT Governance, Security Planning and Architecture, FISMA Compliance, RMF, Incident Analysis, and general security best practices and be able to apply these concepts and principles across multiple compliance disciplines. They will possess excellent oral and written communication skills and experience influencing, collaborating, and consensus-building with federal agencies. The candidate will also have a technical background in implementing, overseeing, or working with security technologies that support an information security program. The candidate will have a solid understanding of Operational Security processes, including knowledge of network security, conducting threat and risk assessments, and formulating countermeasures to mitigate security risks. This experience is necessary to develop and implement a successful program that will help our client become more efficient and effective in protecting the organization’s data and IT systems. This position requires project management capabilities and the ability to lead small teams in technical projects. Valiant Solutions is a company that cares about its employees- we've been named one of the Best Places to Work in the Washington DC area EIGHT years in a row!   If you are interested in learning more about Valiant and this opportunity, we invite you to apply now! 

This position allows for 100% remote work. Remote work necessitates a high-level trust in our employees and we strictly adhere to the details found below in our Remote Work Policy. 

Required Skills and Education:

• Bachelor’s degree in Computer Science or a related field, or an additional four years of industry experience. 
• CISSP
• PMI/PMP certification
• Expert knowledge of NIST Policies, IT Governance, Security Planning and Architecture, FISMA Compliance, RMF, Incident Analysis, and general security best practices. The successful candidate will be required to interpret standards, mandates, and policy requirements and translate them into operational plans and processes. 
• Experience supporting the development and maintenance of all security documentation such as the System Security Plan, Privacy Impact Assessment, Configuration Management Plan, Contingency Plan, Contingency Plan Test Report, POA&M, annual FISMA assessment, and incident reports.
• Experience with Security Governance tools such as Cybersecurity Asset Management (CSAM), or Archer GRC tools.
• 15+ years of Information Security experience. This experience must include experience working in multiple security domains in order to demonstrate broad security knowledge. This experience will include experience in many of the following areas:
  • governance, risk, and compliance 
  • security operations
  • security policy development
  • vulnerability management
  • cloud security
• Experience leading the implementation of a risk management programs, including the development of strategy, schedules, implementation plans, and SOPs.
• Experience facilitating agency meetings, preparing and presenting analysis, training team members, and monitoring and measuring IT security programs or functions.

Preferred Skills and Education

• CISM, or equivalent certification preferred

Responsibilities: 

• Analyzing and defining security requirements for information protection.
• Ability to execute with limited direction or conceptual direction, anticipates customer needs, and proactively support those needs.
• Support agency wide policy and procedure monitoring activities and associated reporting
• Leading policy and procedure efforts and mentoring junior staff
• Developing metrics and gathering data to support these metrics throughout the government fiscal year
• Being a  key contributor to project deliverables working directly with the customer
• Leading the development and maintenance of security documentation such as the System Security Plan, Privacy Impact Assessment, Configuration Management Plan, Contingency Plan, Contingency Plan Test Report, POA&M, annual FISMA assessment, and incident reports,.
• Overseeing and managing relationships for assigned systems that may be contractor-owned and contractor-operated, ensuring vendors comply with agency security and privacy requirements.
• Stay informed of emerging technologies, industry best practices, and government cybersecurity directives to provide security architecture and security engineering guidance and advisory services
• Conduct security reviews and proof of concept of latest technologies, software, cloud services (AWS, Azure and GCP).  
• Perform security architecture reviews, and security controls implementation determination and review in a timely manner for on prem, hybrid and cloud-based FISMA systems to ensure critical control areas throughout the architecture are designed to meet security requirements.
• Develop a threat modeling and/or architecture risk analysis framework and related templates and processes to mature the Security Architecture Review program. 

About Valiant Solutions

Valiant Solutions is a security-focused IT solutions provider with public clients nationwide. We are a HUBZone small business and we encourage all candidates who live in a HUBZone to apply. Named one of the fastest growing privately held companies by Inc. 5000, Washington Technology’s Fast 50, and Washington Business Journal’s Best Places to Work in the D.C. area, Valiant Solutions prides itself on providing its employees with great benefits and career development opportunities. As a company, we are just as committed to growing careers as we are to building world-class IT solutions, all while enjoying an unparalleled work-life balance. We are in a phase of tremendous growth and building the team that will take us to the next level. We seek people whose talents and accomplishments will contribute to a thriving company, who have the character to support their capacity, and can make a positive impact on our culture. Alongside our talented team, you’ll learn to think quickly on your feet and expand your own personal and professional skill set. Our management team will inspire you to consider new perspectives and challenge you to become a better practitioner in the fast-paced industry of IT security. We hire people we respect – and we trust them to deliver results leveraging their expertise. If you would enjoy working in a dynamic environment as part of a stellar team of professionals, then we invite you to apply online today.

Benefits Snapshot (includes, but not limited to)

Valiant pays 99% of the Medical, Dental, and Vision Coverage for Full-time Employees

Valiant contributes 25% towards Health Coverage for Family and Dependents

100% Paid Short Term Disability and Life Insurance Policy for Full-time Employees

100% Paid Certifications

401K Matching up to 4%

Paid Time Off

Paid Time On – 40 hours to pursue innovation

Wellness & Fitness Program

Valiant University – Online Education and Training Portal

Reimbursement for Public Transit and Parking

FSA programs for: Medical Costs, Dependent Care, Transit, and Parking

Referral Bonuses

Remote Work Policy 

Remote work necessitates a high-level of trust in our employees. To ensure that employee performance does not suffer in a remote work environment, all employees who telecommute are expected to have a quiet and distraction-free workspace with adequate internet, dedicate their full attention and availability to their job duties during working hours, and maintain a schedule during core business hours that align with those of their coworkers and Valiant's clients. Additionally, in alignment with the Office of the Inspector General’s effort to eliminate conflicting employment, all Valiant employees are required to disclose any current or future outside employment engagements. During onboarding and throughout employment, employees must disclose any current activities or intent to engage in outside employment or other professional activities and obtain written approval.  Employees may not solicit or conduct any outside business during core business hours for Valiant Solutions and our clients.

Vaccination Mandate

In accordance with Executive Order 14043, Federal employees and contractors are required to be fully vaccinated against COVID-19 regardless of the employee's duty location, or work arrangement (e.g., telework, remote work, etc.), subject to exceptions that may be required by law. If selected, you will be required to submit proof of vaccination on or before your entrance on duty if you are selected after the compliance date. Human Resources will provide information for providing proof of vaccination and instructions for how to submit a request for a legally required exception, if needed, to comply with vaccination requirements.

Equal Employment Opportunity

Valiant Solutions is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, ethnicity, color, national origin, sex (including pregnancy, sex stereotyping, gender identity, gender expression or transgender status), religion, age, marital status, sexual orientation, military/veteran status, physical or mental disability, genetic information/history or any other personal characteristic protected by law.

Physical Demands

Sitting or standing at a desk for prolonged periods of time and consistent operation of a computer. Frequent communication and exchanging of accurate information via electronic communication, phones, and in person. Occasionally lift and/or move moderate amounts of weight, typically less than 20 pounds. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions of the job.

Authorization to Share Resume and Personal Information

By submitting your resume for this position, you authorize Valiant Solutions to share your resume, as well as, personal information included on the resume, with its subsidiaries, affiliates and teaming partners for the purpose of considering you for this position and other available positions requiring comparable skills, education and experience. Should Valiant Solutions or its affiliates and teaming partners wish to initiate pre-employment discussions, you will be asked to complete an employment application and related employment documents.