* Serve as a Lead Security Specialist through the implementation of an enterprise-wide GRC tool (RSAM), to include supporting requirements gathering, developing workflows, configuring the tool, and deploying it to users.
* Transform policies, standards, processes, and other cybersecurity requirements into configurations for the RSAM GRC tool to be implemented by the Office of Cybersecurity, to include control requirements, control assessment methods, SA&A lifecycle workflows, etc. Develop, test, and deploy standard reports and charts using the RSAM tool.
* Provide evaluations of information security policies and procedures. The Contractor shall advise the Cybersecurity team on pertinent developments in federal information security policy as it pertains to CFPB. When the Cybersecurity team is called on to respond to newly proposed information security directives and similar policy documents, the Contractor shall assess the impact of these changes on a respective program and draft responses for review, approval, and submission by appropriate Government personnel.
* Monitor and advise the Cybersecurity team on relevant changes in information security policy and compliance. The Contractor shall raise such developments to the attention of appropriate persons within the Cybersecurity team and provide sufficient detail such that the change and potential impacts are understood, to ensure they are properly addressed.
* Support the Cybersecurity team in aligning and maintaining consistency of information security requirements defined in or derived from program policies and other business writings.
* Assist in the development, review, or updating of information security policies and procedures to be applied consistently across the systems, services and sites. The Contractor shall prepare, in finished form, policies, standards, processes and other business writings.
* Manage delivery of multiple Cybersecurity efforts (including RSAM projects) through the complete life cycle. This includes:
  * Ensuring that projects are delivered on time and in compliance with business and technical requirements.
  * Develop project communication plans, define delivery team roles and responsibilities on the project, plan and manage project schedules.
  * Monitor and track progress against milestones, deadlines, and requirements traceability matrices. Report on these items to key project stakeholders.
  * Maintain issue logs and facilitate issue resolution. Anticipate, manage, and address risks and project challenges.
  * Understand high-level business, functional and technical solution requirements, and be able to facilitate communication and coordinate discussions that drive decisions at the appropriate stage of the process.
  * Oversee production of project-specific documentation, project plans, requirements and design documents; manage sign-off, stakeholder change control and project close-out processes.