Cyber Risk Management Jobs in Illinois (NOW HIRING)

Description

NexGen Data Systems is seeking a highly experienced Risk Management Support Task Lead to direct and execute comprehensive cybersecurity engineering and risk management operations for the United States Transportation Command (USTRANSCOM). The scope of this project is to provide comprehensive lifecycle implementation and assessment support for all phases of the DoD Risk Management Program (DoDI 8510.01) and NIST SP 800-37 Risk Management Framework (RMF) across internal enclaves, service networks, and commercial cloud environments.

The Risk Management Support Task Leads functions as a top-level technical contributor and supervisor providing expert support, advanced research, and risk analysis into exceptionally complex problems and system architectures. The Task Lead is responsible for managing on-site deliverables, leading a team of specialized compliance and engineering professionals, and serving as the primary technical interface to the Cybersecurity Assessment Program to deliver highly innovative risk reduction solutions.

Roles & Responsibilities:

• Manage complex on-site contract deliverables and coordinate directly with the Government functional lead to align team activities with combatant command priorities.
• Lead the technical execution of the RMF lifecycle across approximately 40 enterprise systems, independently evaluating security controls, tracking categorizations, and finalizing ATO packages.
• Reconstruct and recommend advanced cybersecurity software tools and assist in the development of tool requirements and product-specific STIGs derived from applicable DISA SRGs.
• Provide expert Information Systems Security Engineering (ISSE) lifecycle alignment in strict accordance with NIST SP 800-160 Volume I and Volume II trust and cyber resiliency models.
• Supervise the execution of weekly automated network vulnerability scanning (ACAS), continuous risk dashboard monitoring, and verification against DISA STIG/SRG baselines.
• Oversee the command's Information Assurance Vulnerability Management (IAVM) program, managing the distribution of security alerts, tracking macro compliance trends, and processing complex POA&Ms.
• Serve as the lead technical expert for Software Assurance (SwA) code diagnostics, utilizing automated application scanning tools (such as Fortify) to evaluate source code, tune configurations to eliminate false positives, and publish annual summary analysis logs.
• Manage Security Control Assessor Representative (SCAR) workflows, performing rapid triage of all RMF-related submissions within strict 7-business-day service level thresholds.
• Coordinate across the Joint Deployment and Distribution Enterprise (JDDE) to facilitate technical data-sharing, evaluate system reciprocity, and manage DoD Ports, Protocols, and Services Management (PPSM) registries.
• Provide technical engineering oversight for the deployment of the Cybersecurity Readiness Framework (CRF), executing complex ETL data pipelines and analytics workloads using Databricks, Python, SQL, and Qlik.

Other Duties: Please note this job description is not designed to cover or contain a comprehensive listing of activities, duties or responsibilities that are required of the employee for this job. Duties, responsibilities and activities may change at any time with or without notice.

Requirements

Desired/Required Skills:

• Active Department of Defense Top Secret/SCI (Tier 5 Investigation) required. 
• Must satisfy DoD 8570.01-M / DoDM 8140.03 Information Assurance Management (IAM) Level III baseline qualification requirements (e.g., active CISSP, CISM, or GSLC) at the commencement of work.
• Must hold a validation/penetration testing credential (e.g., CEH, GPEN, LPT, or CEPT) and a Tenable Certified NESSUS Auditor (or ACAS equivalent) certification. 
• REQUIRED Foundational Qualification: Defense Cyber Crime Center (DC3) Cyber 101 course completion.
• Bachelor's degree or related technical training in Computer Science, Engineering, Information Management, or a related mission-area professional discipline required.
• A minimum of seven (7) years of progressive IT experience combined with at least five (5) years of direct, specialized Cybersecurity experience. 
• Tool Proficiency: Proven expert experience conducting CCRI-level evaluations and hands-on proficiency with tools including VULNERATOR, eMASS, ACAS/NESSUS, and HBSS (ePO, HIPS, AV).
• Technical Environment Savvy: Deep engineering knowledge of core computing environments across varying Operating Systems (Windows, Unix/Linux), Boundary Defenses (firewalls, routers), and Web/Database services (SQL Server, Oracle, Apache, IIS).
• Strong conceptual thinking and communication skills, with a documented track record of authoring high-fidelity Security Risk Assessments, standard operating procedures (SOPs), and technical analysis of alternatives (AoA) whitepapers. 

About the Company:

NexGen Data Systems is an emerging technologies focused company providing expert systems and network engineering solutions to the Department of Defense. NexGen Data Systems promotes a culture of knowledge and career advancement through continued learning, keeping our team current on the latest advances in systems and networking, and enabling our team to provide the best available solutions to our clients.

Benefits:

• Company covers 100% of premiums for the employee's medical, dental, and vision insurance and subsidizes premiums for spouse and dependents.
• Company provides short and long term disability plans.
• 401(k) match up to 10% of the employee's salary contributions to 401(K) plan.
• Comprehensive training and development program.
• 11 paid holidays and paid time off (PTO) accrual level starts at 15 days annually.

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or protected veteran status.

NOTE: US Citizens and those authorized to work in the US are encouraged to apply. In order to be qualified for this position, you must be able to obtain and maintain a United States Department of Defense (DoD) security clearance. We are unable to sponsor Visas at this time. NexGen Data Systems provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, gender, sexual orientation, national origin, age, disability, marital status, amnesty, or status as a covered veteran in accordance with applicable federal, state and local laws.