Risk Manager, Principal

DCS has an exciting opportunity for a Principal Risk Manager to support the supporting C3C/Kessel Run (KR) Division, which is within the Command, Control, Communications and Battle Management (C3BM) PEO located at Hanscom AFB, MA.

Essential Job Functions:

• Shall have comprehensive knowledge of principles, policies and practices of systems acquisition and program risk management, as well as knowledge of roles and relationships within the DoD and the Air Force.
• Individual must have knowledge of qualitative and quantitative techniques for gathering, analyzing, and measuring the effectiveness, efficiency and productivity of acquisition risk management.
• Individual has the knowledge of risk management activities that assist the program manager in assessing program risk and be able to recommend viable solutions to problems and the pursuit of alternative courses of action.
• Individual must be able to effectively communicate orally and in writing, providing quality acquisition and program documentation (briefings, documents, plans, etc.).
• Individual shall be able to plan, research, analyze and assess system risks in terms of development, production and deployment of weapons systems and associated equipment; formulate plans and recommend effective strategies in managing risks.
• Supports risk management boards, program management reviews, senior level meeting/reviews and IMP/IMS reviews. Contractor shall be able to support and develop various briefings/schedules of program status and acquisition tasks to senior management.

Day to Day Expectations:

• Establish and Govern Kessel Run (KR) ’s Technology Risk Management Program.
• Determine and evaluate KR’s risk tolerance; develop and implement risk management strategies, policies, and processes (primarily, but not exclusively, technology related).
• Rollout KR’s Technology Control Framework.
• Conduct inspections/audits to ensure design and operational effectiveness of controls.
• Develop & implement Kessel Run’s Risk & control Self-Assessment (RCSA) program and framework.
• Create and oversee execution of realistic plans to mitigate risks beyond acceptable risk tolerance.
• Generate regular reports on a company’s risks and risk management initiatives.
• Govern Technology Architecture Reference Documentation.
• Create a comprehensive list/framework of Standards, Guidelines, Policies, & Best Practices that should exist at Kessel Run.
• Map current existing documents to this list to identify which ones need to be updated or missing (and need to be created).
• Develop and implement project plan to expeditiously close gaps identified above.
• Setup a well-indexed and organized repository in ServiceNow for these documents along with automated workflows/alerts to ensure they are circulated periodically for reviews/updates.
• Ensure linkage between policies, standards and controls so updates are made comprehensively.
• Manage 3rd Party/Vendor Risk Assessment Program.
• Setup a Vendor Risk Assessment program and process, including developing a Vendor Risk Assessment Questionnaire.
• Finalize and produce KR’s monthly and quarterly metrics.

Travel: Up to 25%.

Required Skills:

Due to the sensitivity of customer related requirements, U.S. Citizenship is required.

A Bachelor’s Degree plus 10 years of experience in the respective technical/professional discipline being performed.

Active Secret security clearance.

Requires CISA, CRISC, CISM, or CISSP certification. 

Travel: Up to 25%.

Job Requirements: