
Information Assurance Risk Manager

U.S. House of Representatives, CAO
Washington, DC Full Time
POSTED ON 1/17/2025
AVAILABLE BEFORE 4/11/2025


Ensure you read the information regarding this opportunity thoroughly before making an application.

Salary Range : $152,352.00 - $170,102.00

Closing Date : 1/31/2025

Job Summary

The Office of the Chief Administrative Officer (CAO) provides operations support services and business solutions to the community of 10,000 House Members, Officers and staff. The CAO organization comprises more than 600 technical and administrative staff working in a variety of areas, including information technology, finance, budget management, human resources, payroll, childcare, food and vending, procurement, logistics and administrative counsel.

Cybersecurity is seeking an Information Assurance Risk Manager to provide leadership in the development and practical application of risk management governance, risk, and compliance efforts in direct support of the U.S. House of Representatives CAO's Office of Cybersecurity.

This position has day to day supervisory / managerial responsibilities.

Primary Duties / Responsibilities

  • Risk Management Governance : Develop, implement and ensure the rigorous application of risk management focused information security policies, procedures and other governance artifacts. Create, promote, and adhere to standardized, repeatable processes for the delivery of risk management services to the CAO. Provide both generalized and specialized input concerning risk management security standards and policy for IT plans, roadmaps, and prioritization of projects.
  • Assessment and Authorization (A&A) Expertise : Manage Information System Security Officers (ISSO) to support information technology (IT) security goals and objectives and reduce overall organizational risk. Advise ISSOs on all matters, technical and otherwise, involving the security of assigned IT systems. Provide role-based training for assigned ISSOs specific to their roles and responsibilities. Guide ISSOs in the development and technical review of System Security Plans (SSP), which document all technical and procedural system security features. Lead the development and completion of security assessment packages that include the System Security Plan (SSP), Security Assessment Report (SAR), Risk Assessment Report (RAR), system Plan of Actions and Milestones (POA&M) and appropriate authorization letters. Oversee independent assessors in the assessment of CAO authorization boundaries. Advise senior management (e.g., Information Assurance Director and Chief Information Security Officer [CISO]) on risk levels and security posture. Advise appropriate senior leadership or Authorizing Official of changes affecting the organization's cybersecurity posture.
  • System Development Lifecycle Outreach : Engage with program offices in the development phase to recommend security capabilities, provide technical guidance, and identify existing security controls that can minimize risk for applications, infrastructure, and vendor / third parties. Review proposed new systems, networks, and software designs for potential security risks; recommend mitigation or countermeasures and resolve integration issues related to the implementation of new systems within the existing infrastructure. Work with House Information Security Compliance Program to ensure all software systems are implemented according to House information security policies and technical guidelines.
  • Security Risk Management Reporting : Analyze, synthesize, and report on the security posture of the HIR using data maintained by stakeholders and recorded into the CAO's security risk assessment tool. Work with senior leadership to help determine acceptable levels of risk for the enterprise. Conduct independent or coordinated studies to identify, evaluate or recommend solutions to significant systems management problems that are likely to be complex and sensitive in nature. Interface with technology leadership, Internal Controls, and Office of the Inspector General to communicate A&A status, collaborate on implementation of the RMF, and manage open audit and internal control findings. Provide technical support for responding to and implementing Office of Inspector General and Internal Controls / Internal Audit recommendations. Develop, conduct, and prepare reports for security audits, reviews and other actions, as appropriate.
  • Risk Management Program Oversight : Lead the daily activities for the risk management team. Research and recommend innovative, secure, and (where possible) automated solutions to improve risk management processes and activities. Establish, assign and review short and long-term security risk management projects. Establish and support professional goals and objectives; train new employees and evaluate work performance.
  • Resource Management : Perform various aspects of federal staff and contract management related duties. Lead direct reports and cross-functional teams as one unit or team.
  • Performs other official duties as assigned.

Qualifications

  • Minimum of eight (8) years of demonstrated work experience in cybersecurity risk management.
  • Demonstrated experience managing small-scale teams.
  • Demonstrated experience in systems security assessments, reviewing system security documentation for successful security authorization of such systems.
  • Strong knowledge and expertise with cybersecurity guidelines such as NIST publications.
  • Demonstrated experience developing and maintaining assessment and authorization packages.
  • Proven technical acumen and understanding of common operating systems and network technologies, risk management frameworks, and common security tools and scanners.
  • Demonstrated understanding of cloud service models, hybrid applications, and mobile security technologies and tools.
  • Understanding of management, operational and technical cybersecurity principles.
  • Experience with privacy principles and frameworks is preferred.
  • Excellent written and oral communication skills.
  • Bachelor's degree in computer science, information technology, cybersecurity, or a related technical discipline required.
  • Current and maintained certification in one or more of the following IT Security disciplines : Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM) or Certified Information Systems Security Professional (CISSP) or equivalent certification required.
  • Continued employment is contingent upon satisfactorily completing a criminal history records check (or other applicable security clearance) and a pre-employment drug-test (pre-identified position only).