Sr. Cybersecurity Consultant

The Ohio Department of Aging (ODA) is looking for an experienced and highly skilled Sr. Cybersecurity Consultant to join the team. She or he will assist in guiding cybersecurity best practice, building a security focused culture through partnership and collaboration with the business and technology. This position combines responsibility for exercising cybersecurity strategy and roadmap, education and awareness, governance and Compliance.

This position will function as a Cybersecurity program consultant that include:

Develops and implements business domain expertise to inform the cybersecurity and compliance risk management strategy.

Exercises appropriate standard and associated risk controls based in compliance with NIST 800-53.

Develops, implements, and maintains security controls, processes, and procedures to manage risk across all information system environments (infrastructure, network, and applications) with the assistance of the application and infrastructure management teams.

Ensures technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes.

Determines how mainstream and emerging technologies can be safely and securely used to advance business strategy.

Establishes and manages a security risk governance framework; publishes and disseminates security policies, standards, and supporting materials to reduce risk through security awareness, and monitors compliance.

Assists and directs organization in the daily execution of identifying, developing, implementing, and maintaining processes to reduce strategic business and information risks.

Develops overall cybersecurity program plans, guidance, and procedures necessary to effectively execute diverse technical, administrative and program functions.

Mandatory Requirements

4-year college degree or equivalent technical study

Proven experience leading and managing innovative teams of highly technical professionals 15+ years in privacy, security, or a related field

One or more Information Security Certifications preferred: CISSP, CISM, CCSP, GSLC, GSEC, CISA

Strong experience in developing cybersecurity roadmap and strategy

Demonstrate clear and concise writing, and verbal skills to communicate complex issues and solutions in simple terms to all levels of the organization

Strong experience in cybersecurity strategic planning, NIST compliance, CMMC or CMMI maturity models

Strong experience in Program Management or experience planning and leading a team to achieve a technical goal.

Demonstrated experience with collaborating in a highly matrixed environment which involves multiple internal and external stakeholders to gather data that enables prioritization and action

Experience with developing key metrics reports, tracking project, develop corrective action project plans as required Experience with developing key metrics reports, tracking project, develop corrective action project plans as required

Excellent analytical, project management and organizational skills with a keen attention to detail.

Solid analytical/problem-solving skills with the ability to identify solutions to unusual and complex problems.

Excellent written and verbal communication skills.