Job Description

Subject Matter Expert / QA Reviewer

Project: IT Risk Assessment Engagement

Duration: 8 weeks (approximately 24 hours total)

Work Location: Primarily remote; one on-site visit to Baltimore, MD

Employment Type: Contract / 1099

About the Engagement

OpenKyber has been selected to deliver a comprehensive IT Risk Assessment for a HUD-funded public housing authority. The assessment is anchored in the NIST Cybersecurity Framework (CSF) 2.0 and HIPAA Security Rule, covering five domains: Governance & Management, Infrastructure & Operations, Security & Access Controls, Applications & Data, and People & Processes.

Role Summary

The Subject Matter Expert / QA Reviewer serves as OpenKyber's senior technical authority on this engagement. This individual reviews all assessment findings and draft deliverables for technical accuracy, completeness, and regulatory alignment before submission to the client. The SME also provides senior advisory support to executive stakeholders and signs off on the final Risk Assessment Report and Risk Register.

Responsibilities

• Conduct quality review of all assessment findings produced by the assessment team across all five domains
• Validate NIST CSF 2.0 maturity tier ratings and HIPAA Security Rule gap findings for accuracy and consistency
• Provide senior technical guidance to the assessment team throughout the engagement
• Review and approve all five formal deliverables: Risk Assessment Report, Risk Register, Gap Analysis, Recommendations Roadmap, and Executive Summary Presentation
• Serve as senior advisor during the Executive Summary Presentation to client leadership (on-site, Baltimore, MD)
• Identify any findings gaps, scoring inconsistencies, or compliance mapping errors prior to client delivery
• Ensure all deliverables meet OpenKyber quality standards and RFP requirements

Required Qualifications

• Education: Bachelor's degree required; advanced degree preferred (Master's in Cybersecurity, Information Systems, or related field)
• Experience: 12+ years in cybersecurity, IT risk management, or government IT advisory roles
• NIST/CSF: Deep expertise in NIST CSF 2.0 and NIST SP 800-53 Rev. 5; demonstrated experience advising agency or authority leadership on risk posture and remediation strategy
• HIPAA: Direct HIPAA Security Rule expertise; proven experience identifying compliance gaps in government or regulated environments
• Government Experience: Prior experience supporting federal, state, local, or HUD-funded clients strongly preferred
• Location: Must be US-based; no offshore work permitted
• Required Certifications (at least two preferred): CISSP, CISM, PMP, CRISC, CGRC

For applications and inquiries, contact: hirings@openkyber.com

Job Tags

Similar Jobs