DoD RMF, Compliance and Risk Management Lead

Tetrad Digital Integrity (TDI) is a leading-edge cybersecurity firm with a mission to safeguard and protect our customers from increasing threats and vulnerabilities in this digital age.
The Cybersecurity DoD RMF, Compliance & Risk Management Lead will be responsible for leading and delivering across a number of special projects, both internal and client facing. If you are a passionate, hands-on cybersecurity practitioner who enjoys making an impact and thrives working with new technologies in a fast-paced environment across multiple projects, ensuring cybersecurity practices are developed and maintained, this role could be for you.
This is a tremendous growth opportunity for the those looking to work across many technology stacks and compliance frameworks as well as participate in business develop efforts and create intellectual capital around governance, risk, and compliance.
RESPONSIBILITIES:

• Manage and provide direction for the TDI team to include scheduling, pricing, project management
• Ensure customer/partner relationship building / customer success
• Lead, manage, and perform the implementation of the Risk Management Framework (RMF) for cloud-based DoD systems (obtain and maintain ATOs).
• Ensure compliance with DoD security policies and procedures.
• Develop and maintain System Security Plans (SSP), Security Assessment Reports (SAR), and Plan of Action and Milestones (POA&M).
• Conduct security control assessments and continuous monitoring activities.
• Provide expert advice on security measures and mitigation strategies.
• Collaborate with cross-functional teams to integrate RMF processes into the system development lifecycle.
• Leverage Google Cloud Platform (GCP) and Microsoft tools and services to enhance system security and compliance.
• Develop and implement security architectures and frameworks for cloud-based DoD systems.
• Conduct security risk assessments and vulnerability analysis on GCP environments.
• Lead, manage, and perform work on internal CMMC and ISO 27001:2022 compliance.
• Lead, manage, and perform work on TDI Core Competency area of GRC.
• Support BD efforts as needed to include partner / customer relationship building and proposal support.

 QUALIFICATIONS:

• Bachelor’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
• Minimum of 5 years of experience with DoD RMF processes and implementation.
• Expertise in developing and maintaining RMF documentation.
• Expertise in developing and maintaining ISO 27001 documentation.
• Strong understanding of NIST Special Publications (800-37, 800-53, etc.) and DoD security policies.
• Minimum of 1 years of experience with Google Cloud Platform (GCP) services and security.
• Minimum of 1 years of experience serving as an ISSM or comparable role, managing small teams and performing project management activities. 
• Hands-on experience with GCP security tools such as Cloud Security Command Center, Identity and Access Management (IAM), and VPC Service Controls.
• Excellent communication and interpersonal skills.
• Ability to work independently as an individual contributor (SME) and in a team environment.
• Strong time management, analytical, and problem-solving skills.

 PREFERRED QUALIFICATIONS:

• Certifications such as CISSP, CISM, CAP, or equivalent.
• Google Cloud certifications (e.g., Google Cloud Certified - Professional Cloud Architect, Professional Cloud Security Engineer).
• Master’s degree in Cybersecurity, Information Technology, Computer Science, or related field.
• Experience with other cloud platforms (AWS, Azure) and multi-cloud security strategies.
• Experience working with software development / modern IaC tools and practices such as GitLab, Ci/CD, and DevSecOps practices and tools.
• Experience with automated security testing tools and continuous monitoring solutions.
• Experience with cybersecurity metrics.