About TWW Enterprises
The Wright Way Enterprises (TWW Enterprises) is a strategic management consulting firm that offers a suite of comprehensive business services. Our mission is to provide exceptional management consulting services that uphold projects focused on the holistic betterment of human life through thoughtful innovation, security, strategic growth, mitigated risks, and calculated strategy that meet the everchanging demands of the global economy.
TWW Enterprises works with clients to enhance their impact through analysis, strategy, risk management and advisement. We provide strategic solutions for public and private sector entities looking to improve their processes, technology, and service delivery. Our solutions include strategic planning, financial analysis, process improvement, systems development, capacity assessments, cybersecurity risk management and compliance, environmental risk management, and business and IT consulting.
What We Stand On
TWW Enterprises is astute in our belief that a workplace should be a safe place for all employees to thrive, grow, and position themselves to accomplish their career goals. Our firm is co-led by a mother-son team, who is focused on both TWW Enterprises’ business success and its staff members’ well-being. We hold integrity, innovation, quality and excellence, success and thrivability, and employee conscious operations as our core values. We are unwavering about these values, our work products, and our workplace culture. We strive to have a diverse workplace that includes many perspectives that help our people, firm, and clients thrive. If we aren’t learning, we aren’t growing. That we stand on! If this sounds like a place you want to join, read more, and apply!
What We Seek
TWW Enterprises is seeking motivated candidates ready to join our team as Security Assessor II. Ideal candidates for this position have the desired skills listed below but are also collaborative, problem-solving, and communicative. On our team, we want enthusiastic people that are learners at their core and always seeking ways to improve and get better. At TWW Enterprises you will be seen, heard, and respected. We expect all team members to treat one another the same. And we will expect this from you as well.
You In This Position
In this role you will work on a team of professionals providing risk identification and risk mitigation services to our federal clients. More specifically this team will support the evaluation, assessment, and review of security controls implemented for a variety of system types. Additionally, this position will support the advisement and management of solutions specific to regulatory policy, processes, procedures, systems infrastructure, application security, data protection, and program strategy. You can expect your work to touch various cybersecurity standards and frameworks such as NIST, FISMA, HIPAA, agency-specific regulations, and mandates. You will be responsible for overseeing, managing, and reviewing the testing and controls that have been performed, specifically as relates to the general IT control environment for federal government agencies.
Functional Responsibilities
The Assessor II position is responsible for overseeing, managing, and reviewing the testing of controls that have been performed, specifically as it relates to the general IT control environment. This position supports the coverage of the various lines of business, application development, and support teams, including evaluating system development life cycles, change management, computer operations, and information security risks and controls focused primarily on the operating system, application, and database layer.
The Assessor will determine how efficient and effective different departments and activities are and whether these areas function well within the agency’s mission and in alignment with regulatory policy and/or agency mandates. These team members will produce and present reports, findings, and documentation, analyze research, provide process improvement strategies, remediation recommendations, risk analysis, and are responsible for the completion of all aspects of project deliverables. Additionally, the position will:
- Be responsible for evaluating and assessing security measures, controls, and practices within an organization to ensure compliance with established security standards and best practices.
- Conduct security assessments, identify vulnerabilities, and provide recommendations to enhance the organization's overall security posture.
- Lead technology-focused projects in various business lines by identifying and assessing risks in a business context related to the technologies and IT management processes and by developing audit tests designed to achieve audit objectives.
- Lead IT reviews, develop, and apply leadership and project management skills by identifying project tasks and assigning them to resources and by ensuring that projects are executed according to budgets and schedules.
- Exercise superior judgment when evaluating the business impact and significance of security findings, identify mitigating controls and other factors, and assess whether residual risks are consistent with risk tolerance and prudent risk management.
- Develop reports and recommendations to improve control processes to executive management that present results while considering the business context.
- Ensure controls deficiencies are reviewed and followed-up on through remediation and corrections.
- Advise business and IT departments on emerging and evolving risks, best practices, and areas to improve.
- Interact with internal and external compliance oversight communities to support organizations in preparation, stakeholder management, and response.
- Aggregate responses to draw conclusions to advise and recommend outcomes and develop tools and processes to enhance the effectiveness and efficiency of assessment activities.
- Perform root cause analysis and propose risk-based conclusions.
- Prepare and present written communications, plans, reports, briefings, and capture metrics.
- Prepare and conduct briefings for leadership (managers, directors, and executives).
- Communicate adverse and contrasting risk and IT information with technical and non-technical teams.
- Support security risk assessments and contribute to the development of risk mitigation strategies.
- Assist in the development and maintenance of security policies, procedures, and guidelines.
- Evaluate compliance with security policies, standards, and regulatory requirements at an advanced level.
- Conduct risk assessments and assist in developing and implementing risk mitigation strategies.
Minimum Qualifications
- 2+ years of experience in one of the following: audit, technology risk management, information security, IT program management, technology governance, and/or business continuity, emergency response, or incident response.
- Proven experience in conducting security assessments and audits.
- A BS/BA degree or higher in computer science, computer information systems, or equivalent.
- Security+ certification.
- Risk or compliance experience as it relates to IT and security frameworks and standards.
- Solid knowledge and understanding of risk methodologies (e.g., RMF) and tools that support risk assessment processes.
- Ability to work effectively in a team environment and across all organizational levels, where flexibility, collaboration, and adaptability are important.
- Outstanding problem-solving and analytical skills with the ability to turn findings into strategic imperatives.
- Able to travel 15% of the time as necessary.
- Self-starter, flexible and goal oriented.
- Experience in a fast-paced, team-oriented, collaborative environment.
- Demonstrated ability to manage multiple projects and meet deadlines.
Preferred Qualifications
- MS degree in related field.
- Experience working with Inspector Generals within federal government settings.
- Knowledge of regulatory requirements related to data security and privacy (e.g., GDPR, HIPAA, FISMA, GAO, OMB).
- Preference for applicants in the DC commuting area.
Desired Skills
- Knowledge of IT security and infrastructure.
- MS Office and Project proficiency.
- Outstanding organizational and time management skills.
- Ability to multi-task and prioritize daily workload.
- Excellent verbal and written communication skills, with the ability to speak clearly and effectively with customers and technical personnel in a variety of situations.
- Skilled writing ability.
- Pristine attention to detail.
- Sharp problem-solving skills.
- Thoughtful relationship manager and builder.
- Valuable interpersonal skills.
- Strong ability to work collaboratively and independently.
- Solution-oriented mind-set with ability to make quick assessments and identify the best course of action.
Compensation and Benefits
- $95k - $120k (based on experience).
- Health, Dental, Vision, STD, LTD, Life.
Work Requirements
- Must be a U.S. Citizen.
- Must have or be able to obtain a security clearance.
- Must be able to pass a favorable federal tax check.
- Must meet minimum qualifications.
- Must have prior federal government experience.
Location
- Remote (limited travel may be required).
To Apply
- Send resume and cover letter to admin@twwglobal.com with the subject line “Security Assessor II Career Application”.
Deadline
- Applications for this position are due by 11:59pm, June 23, 2024.