Cyber QA Lead at MindPoint Group, LLC

Washington, DC
Full Time
3y ago

Company Description

MindPoint Group delivers industry-leading cybersecurity solutions, services, and products. We are trusted cybersecurity advisors to key government and commercial decision-makers and support security operations for some of the most security-conscious organizations globally. 

Our relationship with you is for the long run because your success is our success. We invest in your success through fantastic benefits (healthcare, generous PTO, paid parental leave, and tuition reimbursement, to name a few). 

Beyond just excellent pay and benefits, you’ll want to work here for reasons that can’t be written into an offer letter—the challenge, growth opportunities, and most important: the culture of a company that cares about you. 

A position at MPG promises you:

  • A diverse organization 
  • A safe workplace with zero tolerance for discrimination or harassment of any kind  
  • A balanced work life. Seriously.  
  • A stable, established, and growing business
  • A leadership team focused on your professional growth and development

Job Description

This role is contingent upon award.  This role shall perform technical Quality Assurance (QA) with special technical and analytical reviews and focus on critical areas in support of the client RMF Program. In addition, the contractor shall perform QA across all contract activities and tasks, including project, program plans, and schedules to ensure quality, error-free products are delivered. Key responsibilities include:

  • Conduct QA reviews of project management deliverables
  • Conduct QA reviews of security assessment deliverables by
    • Examining assessment deliverables for inconsistencies, inaccuracies, incompleteness, generic findings and recommendation statements, incongruent risk analysis, and business context
    • Ensuring testing procedures were followed properly and that assessment results documentation has recorded observations and evidence, and traceability from the requirement to the finding
    • Ensuring assessment deliverables contain system-specific risk analysis results for each finding identified during each assessment
  • Check authorization briefing decks, memos, and security assessment reports for quality, consistency, accuracy, and for errors prior to submissions to client staff
  • Develop 15 client-approved QA checklists for conducting reviews in the first year, and 4 additional checklists per year thereafter
  • Submit completed checklists per SLAs defined in the Quality Management and Assurance Plan (QMAP)

Qualifications

Required Qualifications:

  • Three (3) years of managing a technical security QA team/SA&A Package Independent Validation & Verification (IV&V) is required
  • Six (6) years of experience developing RMF documentation is required
  • Six (6) years of experience conducting security and privacy control assessments is required
  • Eight (8) years of Information Security experience is required
  • Two (2) years of experience with eGRC tools is required
  • Experience with ServiceNow GRC tool suite, including CAM, is preferred
  • Certification as Certified Information Systems Security Professional (CISSP), Certified Risk and Information Systems Control (CRISC), or Certified Information Security Auditor (CISA) is required

Preferred Qualifications:

  • Innovate and demonstrate the passion and initiative required to enable growth and progress
  • Bring creative approaches to help us drive value for clients
  • Ability to influence decisions with senior leadership and business partners when confronted with differing opinions on information security risks
  • Demonstrate clear and concise written and verbal communication
  • Proven influencing and relationship management skills
  • Strong work ethic and ability to work under pressure and meet challenging deadlines
  • Proven analytical skills
  • Proficiency with Microsoft Office, advanced Excel skills (e.g. Macros, Pivot, complex formulas), and data visualization/analytics business applications such as Power BI
  • Familiarity with technologies like Wintel, Unix/Linux, Middleware, Database, Network, Storage
  • Knowledge of infrastructure technology software (e.g. Qualys, Skybox, ServiceNow)

Additional Information

  • All your information will be kept confidential according to EEO guidelines
  • Equal Opportunity Employer Veterans/Disabled