Risk-Based Asset Management Lead (RBAM)

Job in Annapolis, Anne Arundel County, Maryland, 21403, USA
Listing for: Skyward
Full Time position
Listed on 2026-05-31
Job specializations:
  • IT/Tech
    Cybersecurity
Salary/Wage Range or Industry Benchmark: 100000 - 125000 USD Yearly
Job Description & How to Apply Below
Position: Risk-Based Asset Management Lead (RBAM)

Risk-Based Asset Management Lead

Contingent hire based on contract award.

What you’ll do
  • Lead the integrated RBAM practice across Vulnerability Management, Configuration Management, and Database Management, aligning effort with USCIS business priorities and risk tolerance
  • Oversee RBAM projects end-to-end: track schedules, facilitate working sessions, and brief leadership and the Government PM/COR on status, risks, and decisions
  • Run the vulnerability scanning program using approved tooling. Initiate scans, analyze results, prioritize remediation by impact and likelihood, and ensure adherence to DHS policies and federal regulations
  • Continuously monitor emerging threats (CVE, NVD, CISA KEV) and translate them into a prioritized, defensible remediation backlog
  • Validate and act on the DHS/CISA Cyber Hygiene Report. Partner with system owners and admins on remediation plans, track progress, and report to leadership
  • Support the USCIS software approval process — evaluate new products and technologies for security, compliance, and operational fit
  • Establish, document, and enforce configuration management policies, procedures, and baselines across diverse IT environments — with full traceability for changes (documented, tracked, approved, audited)
  • Use configuration management tooling to monitor and report on system configurations and compliance, identify drift, and resolve configuration‑related risks
  • Develop and maintain database hardening scripts and processes; translate audit requirements into actionable configurations and evidence artifacts
  • Build and refine Splunk dashboards and reporting (and ServiceNow workflows/tickets) so VM/CM posture is visible at a glance — not buried in a spreadsheet
  • Author and maintain SOPs and Playbooks for RBAM operations; contribute to the Risk Register, Weekly Status Report, and Monthly Program Management Review
What we’d like you to have
  • Bachelor’s degree in Information Systems / Information Technology, Computer Science, Computer Engineering, Electrical Engineering, related field, or technical degree — or 4 years of relevant experience in lieu of a degree
  • An active CASP, GSEC, GSLC, CISSP, CEH, CISM, CISA, or comparable cybersecurity certification
  • An active Agile certification: PMI-ACP, SAFe Agilist, CSM, or comparable
  • Minimum 7 years of total professional experience, with at least 5 years of technical experience in either: (a) overseeing and managing vulnerability remediation for enterprise environments, or (b) establishing, managing, and enforcing configuration baselines across diverse IT environments — ideally both
  • In-depth, working knowledge of CVE, CVSS, NVD, and the CISA KEV catalog. You can prioritize like a pro and explain the prioritization to a non‑technical audience
  • Deep understanding of Configuration Management principles as defined in NIST SP 800-128
  • Strong, hands‑on knowledge of system and database hardening best practices using DISA STIGs and CIS Benchmarks
  • Familiarity with remediation across Windows, Linux, network devices, containerized environments, and cloud platforms (AWS, Azure, Google)
  • Hands‑on experience implementing and operating SIEM tools — specifically Splunk dashboarding and reporting (creating and modifying dashboards, not just consuming them)
  • Experience with enterprise ticketing in ServiceNow, including building/altering workflows and reports
  • Proficiency in scripting and automation: Python, PowerShell, Bash, and Splunk Search Processing Language
  • Familiarity with DevSecOps and CI/CD pipeline development — enough to embed security baselines into pipelines and image‑hardening processes
  • Ability to incorporate security configuration baselines into CM processes and enforce through OS image hardening, automation, and audit
  • Extensive hands‑on experience with a wide range of database technologies, including Relational (Oracle, PostgreSQL, MySQL, MS SQL), NoSQL (MongoDB), and Cloud‑native (Amazon RDS, Azure SQL, DynamoDB)
  • Ability to assess and secure both on‑premises and cloud‑hosted database environments
  • Experience implementing and managing audit logging, data masking, and encryption mechanisms
  • Experience using scanning tools to verify database hardening compliance and…