Principal Risk Manager with Security Clearance

---

Job description

McBride Consulting has an exciting opportunity for a Principal Risk Manager supporting the C3C/Kessel Run (KR) Division, which is within the Command, Control, Communications and Battle Management (C3BM) PEO located at Hanscom AFB, MA. Responsibilities
Roles & Responsibilities Shall have comprehensive knowledge of principles, policies and practices of systems acquisition and program risk management, as well as knowledge of roles and relationships within the DoD and the Air Force. Individual must have knowledge of qualitative and quantitative techniques for gathering, analyzing, and measuring the effectiveness, efficiency and productivity of acquisition risk management.
Individual has the knowledge of risk management activities that assist the program manager in assessing program risk and be able to recommend viable solutions to problems and the pursuit of alternative courses of action. Individual must be able to effectively communicate orally and in writing, providing quality acquisition and program documentation (briefings, documents, plans, etc.).
Individual shall be able to plan, research, analyze and assess system risks in terms of development, production and deployment of weapons systems and associated equipment; formulate plans and recommend effective strategies in managing risks.
Supports risk management boards, program management reviews, senior level meeting/reviews and IMP/IMS reviews. Contractor shall be able to support and develop various briefings/schedules of program status and acquisition tasks to senior management.
Day to Day Expectations: Establish and Govern Kessel Run (KR) 's Technology Risk Management Program
Determine and evaluate KR's risk tolerance; develop and implement risk management strategies, policies, and processes (primarily, but not exclusively, technology related)
Rollout KR's Technology Control Framework
Conduct inspections/audits to ensure design and operational effectiveness of controls
Develop & implement Kessel Run's Risk & control Self-Assessment (RCSA) program and framework
Create and oversee execution of realistic plans to mitigate risks beyond acceptable risk tolerance
Generate regular reports on a company's risks and risk management initiatives.
Govern Technology Architecture Reference Documentation
Create a comprehensive list/framework of Standards, Guidelines, Policies, & Best Practices that should exist at Kessel Run
Map current existing documents to this list to identify which ones need to be updated or missing (and need to be created)
Develop and implement project plan to expeditiously close gaps identified above.
Setup a well-indexed and organized repository in ServiceNow for these documents along with automated workflows/alerts to ensure they are circulated periodically for reviews/updates.
Ensure linkage between policies, standards and controls so updates are made comprehensively.
Manage 3rd Party/Vendor Risk Assessment Program
Setup a Vendor Risk Assessment program and process, including developing a Vendor Risk Assessment Questionnaire
Finalize and produce KR's monthly and quarterly metrics. Requirements
Citizenship: Must be a US citizen Minimum Required Qualifications Clearance: Must have and be able to maintain a Secret level clearance Education: BA/BS Degree Years of Experience: 10 years of experience in the respective technical/professional discipline being performed Certifications: CISA, CRISC, CISM, or CISSP Additional Information Location: Hanscom Air Force Base, Bedford, MA Travel: Up to 25%

<!– job description page –>