SAIC is seeking qualified personnel for an exciting opportunity in Atlanta, GA and Washington, D.C. SAIC will support the Department of Health and Human Services (HHS) cybersecurity mission to ensure HHS can actively protect the vital health information with which it is entrusted, respond to existing and emerging cybersecurity threats, and continue to enhance the program to ensure HHS has the capability and capacity to respond to new and emerging requirements, technologies and threats. If you are interested in working in this dynamic environment, please review the job description and requirements below and then let us hear from you.
The Governance, Risk and Compliance (GRC) Program Manager will have responsibility for day-to-day analysis of the GRC area of operations and will be responsible for the team implementing and operating the GRC area of responsibility.
Principal Duties and Responsibilities
1. Plans, coordinates, and manages the actions taken by an organization to acquire and execute specific tasks. This may occasionally include capture and proposal work in support of the task area, but the majority of the involvement is performing the contract’s assigned areas of responsibility.
2. Integrates all functions and activities necessary to perform the project/program to meet the client or customer requirements.
3. Plans and implements actions by the program/project team to define and implement technical baseline and meet quality requirements for project/program products and services.
4. Directs project team personnel, manages cost and schedule, ensures contract compliance, and serves as principal customer interface.
The OIS Governance, Risk and Compliance Division establishes cybersecurity strategies for the entirety of the HHS enterprise. The Division establishes and maintains strategies for ensuring compliance with guiding cybersecurity laws and mandates; measures and reports compliance with cybersecurity requirements; ensures HHS maintains a risk posture within established risk tolerances; manages cybersecurity risk effectively; develops cybersecurity policies, processes, standards and guidance; and deploys awareness training, and engagement strategies and materials to ensure all HHS workforce is sufficiently knowledgeable to protect against cybersecurity threats, risks, and vulnerabilities.
The GRC Program Manager will:
• Support the development of Department-level documentation, including but not limited to user guides, policy guides, change management plans, lexicons, process maps, training plans, system administration documents, templates, reports, dashboards, policies, procedures, and strategic planning documents
• Facilitate discussions among SGRC/Archer stakeholders throughout HHS to identify business requirements, document the requirements and submit those requirements to the responsible parties for implementation into the application
• Recommend change requests when gaps, areas of improvement, or new requirements are identified for the betterment of the application.
• Participate in management’s oversight and evaluation of application change requests and advise on the impacts of making such changes
• Manage the process of data collection/imports from the OpDivs and disseminate summary reports from SGRC/Archer to HHS leadership and other agency stakeholders
Bachelor’s degree or equivalent and fourteen (14) or more years of experience. Five (5) years of successful project or program manager experience.
Experience in managing projects.
FISMA Compliance knowledge
RSA Archer experience
Candidates must have work experience with RSA Archer. Significant experience with similar projects may be substituted on a case-by-case basis. In-depth Archer GRC experience is preferred, 4 years or more, or experience implementing the product for multiple clients with 2+ years of implementations. Successful candidates will be expected to provide an overview that demonstrates experience with complex GRC systems, including high-value asset analysis.
Experience implementing GRC systems around NIST controls is required; experience implementing GRC around healthcare systems is also desired. In addition to the required NIST framework experience, experience aligning systems with FedRAMP controls and processes is desired.
Oversight and experience reviewing the implementation of section 508 accessibility requirements is required.
Experience with recent versions of Trivantis – Lectora Instructional design tools is preferred. Experience publishing training materials in HTML or to web hosting tools is required.
Candidates must have experience managing technical teams in a Federal, Civilian workplace.
Candidates must have 10 or more years of work experience in progressive assignments that include 4+ years of team supervision and management.
Candidates must have Top Secret clearance with ability to obtain TS/SCI.
Experience working within the Department of Health & Human Services
SAIC is a premier technology integrator solving our nation's most complex modernization and readiness challenges. Our robust portfolio of offerings across the defense, space, civilian, and intelligence markets includes high-end solutions in engineering, IT, and mission solutions. Using our expertise in existing and emerging technologies, we integrate the best components from our own portfolio and our partner ecosystem to deliver innovative, effective, and efficient solutions. We are 25,500 strong; driven by mission, united by purpose, and inspired by opportunities. Headquartered in Reston, Virginia, SAIC has pro forma annual revenues of nearly $7.1 billion. For more information, visit saic.com. EOE AA M/F/Vet/Disability