logo inner

Cybersecurity Governance Lead - FCC

cfocussoftwareWashington D.c., United StatesOnsite
cFocus Software seeks a Cybersecurity Governance Lead to join our program supporting the Federal Communications Commission (FCC). This position is on-site in Washington, DC.

Qualifications:


  • Bachelor’s degree in Information Technology, Cybersecurity, Computer Science, Information Technologies, or other related fields
  • Certified Information Systems Security Professional (CISSP)
  • 5+ years of federal security audit related experience
  • Working knowledge of the RMF, Audit support, Information Assurance, Cloud deployments, and Risk Management tools
  • Possess the knowledge, skills, tasks, and capabilities described in the work role Technology Program Auditing (OG_WRL-106) as outlined in the NICE Work Role Framework

Duties:


  • Assist with cybersecurity and privacy tasks incorporating the Risk Management Framework (RMF) for the authorization and accreditation of federal systems.
  • Support reporting, data calls, and deliverables under the Federal Information Security Modernization Act (FISMA), ensuring compliance with all requirements and relevant laws.
  • Design and implement risk management policies and procedures based on guidance from FISMA, OMB Circular A-130, and current versions of NIST Special Publications
  • Conduct Privacy Control Assessments in collaboration with security control assessments, focusing on privacy controls per NIST SP 800-53, SP 800-37, OMB A-130, and federal requirements.
  • Develop and implement automated Privacy Control Assessments to achieve continuous monitoring and minimize manual assessments.
  • Provide customers with guidance on privacy requirements, controls, responsibilities, and implementation methods.
  • Analyze findings from privacy security control assessments (PSCA) and quantify the associated risk.
  • Conduct Privacy Assessments, provide input into System Security Plans (SSPs), Privacy Impact Assessments (PIAs), and Initial Privacy Assessments (IPA), and offer recommendations based on evaluations.
  • Assist the Information System Security Officer (ISSO) with privacy-related duties, including Systems of Records Notices (SORNs), Computer Matching Agreements (CMAs), and Third-Party Web Application PIAs (TPWA PIAs).
  • Support the Cybersecurity Group with IT Security Awareness, Training, and Education of FCC personnel, contractors, and partners.
  • Develop and communicate cybersecurity awareness messaging based on current and evolving cyber threats.
  • Develop, administer, and conduct monthly phishing exercises.
  • As requested, facilitate and deliver New Employee cybersecurity and privacy training and other IT Security Training classes.
  • Collaborate with the Cyber Threat Intelligence Team to deliver cyber threat briefings to key stakeholders.
  • Create, review, and update training material and presentations to stay relevant to federal requirements and best practices
  • Review, update, and analyze OCIO, cybersecurity, and privacy policies in line with federal laws, regulations, and standards, considering unique business objectives.
  • Guide policy development, review, and preparation of final reports.
  • Collaborate with stakeholders, system owners, and FCC leadership to implement practical policies and procedures.
  • Document recommendations for improving legal and regulatory compliance.
  • Deliver executive briefs to FCC leadership and stakeholders.
  • Use the FCC-accredited Enterprise Governance, Risk, and Compliance (eGRC) tool for effective risk management.
  • Maintain regular communication with stakeholders to meet federal reporting requirements.
  • Design, analyze, and implement the FCC Cybersecurity and Privacy Policy.
  • Prepare policy reports outlining recommendations and directives from the CIO and CISO.
  • Manage and update the Cybersecurity Group’s internal policy SharePoint site or relevant document management system
  • Assist in analyzing audit reports, preparing responses, and developing remediation plans.
  • Plan and attend external auditor meetings.
  • Collect, evaluate, and submit artifacts by due dates.
  • Maintain an Audit Tracker Report to monitor audit status.
  • Use the eGRC tool to manage audit data and respond to auditor requests.
  • Prepare comprehensive responses and maintain communication with stakeholders


Life at cfocussoftware

Thrive Here & What We Value1. Remote collaboration within U.S. DOT with cross-functional teams2. Foster collaborative team culture through knowledge sharing3. Promote work-life balance and employee well-being
View more
Your tracker settings

We use cookies and similar methods to recognize visitors and remember their preferences. We also use them to measure ad campaign effectiveness, target ads and analyze site traffic. To learn more about these methods, including how to disable them, view our Cookie Policy or Privacy Policy.

By tapping `Accept`, you consent to the use of these methods by us and third parties. You can always change your tracker preferences by visiting our Cookie Policy.

logo innerThatStartupJob
Discover the best startup and their job positions, all in one place.
Quick SearchSearch JobsSearch Remote Jobs hiring WorldwideSearch Remote Jobs in the USSearch Jobs in IndiaSearch Remote Jobs in UKSearch by Title
AreaCaliforniaMassachusettsNew YorkTexasVirginiaWashington D.C.View all
Popular SubRemote JobsWeb3 JobsiOS Developer JobsFront End Developer Remote JobsComputational Geometry JobsCannabis CareersView all
CompanyAbout UsContact usBlogCreditsCareersPrivacy PolicyCookie Policy
Copyright © 2025