Security Lead

Savan Group
McLean, VA
  • Posted: July 13, 2022
  • Full-Time

Savan Group is looking for an experienced Security Lead. The Security Lead must have a full understanding of all security standards and standardization concepts listed in Sections H.4 and H.5 below. They must lead the contractor team in providing operational support and addressing relevant security issues to maintain the ATO of the eRulemaking and RISC systems. This person should have a background as an IT security project manager, cybersecurity project manager, or a similar role.

Roles and Responsibilities

The successful candidate must understand security standards for moderate impact systems and the process of obtaining an accepted C&A for complex systems. They must also have extensive experience with FISMA compliance and with compliance with the relevant rules and regulations regarding privacy, CUI, security breaches, and security across all phases of the system lifecycle.

Minimum Requirements

Must be familiar with the following:

  • FIPS PUB 199, Standards for Security Categorization of Federal Information and Information Systems

  • FIPS PUB 200, Minimum Security Requirements for Federal Information and Information Systems

  • FIPS PUB 140-2, Security Requirements for Cryptographic Modules

  • NIST SP 800-18, Revision 1, Guide for Developing Security Plans for Federal Information Systems

  • NIST SP 800-30, Revision 1, Guide for Conducting Risk Assessments

  • NIST SP 800-34, Revision 1, Contingency Planning Guide for Federal Information Systems

  • NIST SP 800-37, Revision 1, Guide for Applying the Risk Management Framework to Federal Information Systems: A Security Lifecycle Approach

  • NIST SP 800-47, Security Guide for Interconnecting Information Technology Systems

  • NIST SP 800-53, Revision 4, Security and Privacy Controls for Federal Information Systems and Organizations

  • NIST SP 800-53A, Revision 4, Assessing Security and Privacy Controls in Federal Information Systems and Organizations: Building Effective Assessment Plans

  • NIST SP 800-63-3, Digital Identity Guidelines

  • NIST SP 800-122, Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)

  • NIST SP 800-137, Information Security Continuous Monitoring (ISCM) for Federal Information Systems and Organizations

Preferred Qualifications

  • Firsthand experience with eRulemaking or RISC a plus.

  • Public Trust Clearance or higher

Job Location and Schedule

Savan Group Headquarters (McLean, VA) and Client Site (Washington, DC)

Hybrid Schedule (1-2 days on site)

Application Process

Submit your application to the link on this page. Applicants selected for interview will be notified by email or phone.

EOE, including disability and veterans.

Savan Group is an Equal Opportunity Employer and is committed to a workplace free of discrimination. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex (including pregnancy), gender identity, sexual orientation, national origin, age (40 or older), marital status, disability, genetic information, status as a protected veteran, or any other applicable legally protected characteristics.

If you are an individual with a disability and would like to request a reasonable accommodation for the employment process, please email your request to For more information about our company, please visit our website at

This position requires that you be fully vaccinated against COVID-19 before your designated start date unless an exemption from this requirement has been granted as an accommodation for religious or medical reasons.
