This position will function as a cybersecurity program consultant, with responsibilities that include:
Develops and implements business domain expertise to inform the cybersecurity and compliance risk management strategy.
Exercises appropriate standards and associated risk controls in compliance with NIST 800-53.
Develops, implements, and maintains security controls, processes, and procedures to manage risk across all information system environments (infrastructure, network, and applications) with the assistance of the application and infrastructure management teams.
Ensures technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes.
Determines how mainstream and emerging technologies can be safely and securely used to advance business strategy.
Establishes and manages a security risk governance framework; publishes and disseminates security policies, standards, and supporting materials to reduce risk through security awareness, and monitors compliance.
Assists and directs the organization in the daily execution of identifying, developing, implementing, and maintaining processes to reduce strategic business and information risks.
Develops overall cybersecurity program plans, guidance, and procedures necessary to effectively execute diverse technical, administrative and program functions.
Mandatory Requirements
4-year college degree or equivalent technical study
Proven experience leading and managing innovative teams of highly technical professionals; 15+ years in privacy, security, or a related field
One or more Information Security Certifications preferred: CISSP, CISM, CCSP, GSLC, GSEC, CISA
Strong experience in developing a cybersecurity roadmap and strategy
Demonstrates clear and concise writing and verbal skills to communicate complex issues and solutions in simple terms to all levels of the organization