Knowledge Consulting Group (KCG) is one of the largest privately held cybersecurity services firms in the United States, serving as a Federal Government Contractor and supporting Commercial customers. We operate as a trusted cyber advisor to our customers across the country. We take great pride in maintaining a single focus on being the leader in cybersecurity services, providing risk management, governance, operations, and compliance services, utilizing our CISO framework methodology. We are uniquely positioned as a trusted cyber advisor with over 90 percent of our cyber professionals holding security clearances and security-specific certifications. With over 12 years of experience in providing cybersecurity services to our customers, we have a strong record of past performance in advising and executing cyber missions for all types of organizations and sectors.
Applicants selected will be subject to a government security investigation and must meet eligibility requirements for access to classified information. Must be clearable to public trust.
Provide privacy breach response management support throughout the HHS breach management process. Support may include, but is not limited to, providing incident management and breach response from inception, escalation, notification to closure. Support may include, but is not limited to, the following:
a. Privacy Breach Management - Following the HHS Privacy Incident/Breach response process, the contractor shall collect, document, track and monitor all privacy breaches from inception to closure. Deliverables may include breach documentation, reporting, stakeholder meeting minutes, PIRT meeting agendas, etc. HHS Incident/Breach Support consists of the following:
o Once incident intake is completed by CSIRC, conduct initial breach analysis of all privacy incidents, determining next steps and referring high-profile incidents to the Privacy Incident Response Team (PIRT); maintain and track timeliness of CSIRC incidents and responsiveness
o Maintain and update database of Privacy breaches to include category type, and mitigation actions that resulted in closure of the breach
o Document identified privacy breach mitigation, and next steps for all incidents and communicate in writing to OpDivs
o Elevate high profile incidents to HHS senior leadership
o Coordinate weekly and monthly meetings of the PIRT
o Develop agendas, monthly incident statistics, and meeting minutes for PIRT meetings
o Provide help desk support for privacy incidents and inquiries for future trending
o As requested, update Privacy Incident/Breach Response Management documentation to include, but not limited to: Standard Operating Procedures, Charters, Guidance Documents, etc.
o Identify, document and monitor ongoing Privacy breach remediation activities, trending, etc. and prepare and participate in lessons learned meetings to promote remediation or elimination of overall risk
o Ad hoc duties at the direction of the HHS SAOP or HHS SOP
b. Privacy Breach Reporting - As requested, develop weekly, monthly, quarterly and yearly analyses and reports to reveal ongoing incident management and breach response related patterns, trends, risks, targeted training needs, remediation opportunities, and current state incident and breach response related metrics.
Minimum Education: B.A. or B.S. in related field. B.A. or B.S. may be substituted with 4 years of professional Information Assurance services experience.
Minimum/General Experience: Two years of information assurance services experience. Experience shall be in a related security technology or discipline such as security assessments (planning & compliance, architecture, audits, risk & vulnerability identification), creating and implementing security concepts and policy, encryption technology, firewall technology, or information protection. One of the two years' experience shall be in a lead security design or technical task/program leadership position.
Functional Responsibility: Responsible for applying information assurance expertise and knowledge to either network and/or enterprise security. Is familiar with and able to apply “best practices” security methodologies. Functional expertise in one or more information assurance technologies or capabilities such as Vulnerability/Threat Assessments, Network Intrusion Detection, Secure Operations, Firewall Design & Deployment, Public Key Encryption, Virtual Private Networks, etc. Interfaces with all necessary levels of management and staff regarding Information Assurance services. Keeps aware of local, national, and international trends and developments in the area of information security and relates them to the needs of the client.
Possess the following experience:
Ability to translate tactical issues and address them from a strategic perspective.
Ability to function in a fast-paced environment and effectively manage multiple tasks simultaneously; coordinating resources and ensuring scheduled goals are met.
Awareness of current information security and privacy issues and the ability to interpret the requirements of relevant policies and standards set forth in OMB memorandums and NIST documentation, specifically, 800-37, 800-53A, FIPS-199/200, and 800-30.
Ability to assess and weigh current and evolving security and privacy risks in an operational environment.
Proven problem management skills with the ability to think critically. Must be able to leverage technology and apply critical thinking to gather, aggregate, and analyze data, and present results to senior clients.
Knowledge of NIST in regards to how it applies to FISMA reporting.
Ability to work effectively in a team management environment and participate in collaborative initiatives which foster the mutual exchange of knowledge and expertise.
Ability to make decisions and resolve problems effectively – Seek out information and data to evaluate, prioritize and formulate best solution or practice.
Must be able to multi-task, work independently and as part of a team, share workloads, and deal with sudden shifts in project priorities.
Demonstrate leadership and foster collaborative team approach – interacts well with front line and senior management providing consultation and expert advice on information security related topics.
Effectively navigate political landscape and build and strengthen relationships at all levels to include other HHS OpDivs and government vendor partners.
Strong presentation and consulting skills.
Must be able to develop meeting agendas and materials as well as facilitate meetings with the client.
Strong verbal and written communication skills are highly preferred. It is highly desired that candidates possess strong interpersonal skills. Candidates must be fluent in the English language.
Candidates may be asked to provide a writing sample.
Knowledge Consulting Group is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, national origin, age, protected veteran status, disability status, sexual orientation or gender identity.
If interested in the position, please apply directly through our website:
If you have questions or have trouble applying, you may contact: email@example.com.