Principal Risk Manager

Job Description McBride Consulting has an exciting opportunity for a Principal Risk Manager supporting the C3C/Kessel Run (KR) Division, which is within the Command, Control, Communications and Battle Management (C3BM) PEO located at Hanscom AFB, MA. Responsibilities Roles & Responsibilities Shall have comprehensive knowledge of principles, policies and practices of systems acquisition and program risk management, as well as knowledge of roles and relationships within the DoD and the Air Force. Individual must have knowledge of qualitative and quantitative techniques for gathering, analyzing, and measuring the effectiveness, efficiency and productivity of acquisition risk management. Individual has the knowledge of risk management activities that assist the program manager in assessing program risk and be able to recommend viable solutions to problems and the pursuit of alternative courses of action. Individual must be able to effectively communicate orally and in writing, providing quality acquisition and program documentation (briefings, documents, plans, etc.). Individual shall be able to plan, research, analyze and assess system risks in terms of development, production and deployment of weapons systems and associated equipment; formulate plans and recommend effective strategies in managing risks. Supports risk management boards, program management reviews, senior level meeting/reviews and IMP/IMS reviews. Contractor shall be able to support and develop various briefings/schedules of program status and acquisition tasks to senior management. Day to Day Expectations: Establish and Govern Kessel Run (KR) 's Technology Risk Management Program Determine and evaluate KR's risk tolerance; develop and implement risk management strategies, policies, and processes (primarily, but not exclusively, technology related) Rollout KR's Technology Control Framework Conduct inspections/audits to ensure design and operational effectiveness of controls Develop & implement Kessel Run's Risk & control Self-Assessment (RCSA) program and framework Create and oversee execution of realistic plans to mitigate risks beyond acceptable risk tolerance Generate regular reports on a company's risks and risk management initiatives. Govern Technology Architecture Reference Documentation Create a comprehensive list/framework of Standards, Guidelines, Policies, & Best Practices that should exist at Kessel Run Map current existing documents to this list to identify which ones need to be updated or missing (and need to be created) Develop and implement project plan to expeditiously close gaps identified above. Setup a well-indexed and organized repository in ServiceNow for these documents along with automated workflows/alerts to ensure they are circulated periodically for reviews/updates. Ensure linkage between policies, standards and controls so updates are made comprehensively. Manage 3rd Party/Vendor Risk Assessment Program Setup a Vendor Risk Assessment program and process, including developing a Vendor Risk Assessment Questionnaire Finalize and produce KR's monthly and quarterly metrics. Requirements Citizenship: Must be a US citizen Minimum Required Qualifications Clearance : Must have and be able to maintain a Secret level clearance Education: BA/BS Degree Years of Experience: 10 years of experience in the respective technical/professional discipline being performed Certifications: CISA, CRISC, CISM, or CISSP Additional Information Location: Hanscom Air Force Base, Bedford, MA Travel: Up to 25% Benefits 401(k) Dental insurance Health insurance Life insurance Paid time off Professional development assistance Referral program Vision insurance

Created: 2024-11-02