Job Description
We are looking for a Cybersecurity Specialist to support projects and programs including vulnerability management assessments and cloud security reviews. This person will serve as a subject matter expert on projects including Wi-Fi security, LTE/4G networking, secure and resilient network design, Internet of Things (IoT), industrial control system (ICS)/SCADA cybersecurity and related UT initiatives .
Daily Task include:
1. Conduct complex cybersecurity risk assessments on IoT and ICS services by:
Daily Task include:
1. Conduct complex cybersecurity risk assessments on IoT and ICS services by:
- a. Analyzing, assessing and creating detailed report findings discovered during network security assessments.
- b. Providing recommendations to mitigate and remediate gaps in network security vulnerabilities.
- c. Working with third-party vendors and departments to coordinate technology discovery, performing analysis of the network architecture, and producing call-flows diagrams; working remotely and onsite at various City facilities.
2. Review and triage vulnerability alerts into manageable reports, provide relevant analysis, suggest mitigation procedures, track remediation, identify gaps and escalate as appropriate.
3. Assist in the execution, design and configuration of the internal UT IoT/ICS Lab.
SKILLS/EXPERIENCE:
Minimum 12 years of subject matter expertise performing network assessments on complex enterprise networks.
Strong knowledge of enterprise Cyber Security infrastructure.
Experience implementing citywide projects and programs focused on endpoint defensive and perimeter protection technologies, email security strategy, and identity management.
High degree of confidence and briefing skill; comfortable fielding questions and articulating project/program details in front of senior leadership.
SKILLS/EXPERIENCE:
Significant and demonstrated capabilities to assess organizational cybersecurity hygiene, quantify cyber risk in a prioritized schema, and recommend tactical and strategic courses of action to executive leadership.
Significant track record of executing cybersecurity uplift in government, financial services or professional services industry.
Theoretical and practical understanding of the current cyber threat landscape, attack methodologies, and risk mitigation/remediation methods; experience in cyber forensics and highly complex threat analyses.
In-depth knowledge of complex network architecture, internet connectivity, firewall and DMZ hosting strategies.
Knowledge of data privacy regulations and compliance issues.
Track record of applying innovation successfully in technology environments.
Excellent written and verbal communication skills.
Certifications: CISSP, CISA, CRISC or other information security certifications.
Knowledge of common information security management frameworks: ISO 27001, COBIT, NIST, CIST or other data security standards.
3. Assist in the execution, design and configuration of the internal UT IoT/ICS Lab.
SKILLS/EXPERIENCE:
Minimum 12 years of subject matter expertise performing network assessments on complex enterprise networks.
Strong knowledge of enterprise Cyber Security infrastructure.
Experience implementing citywide projects and programs focused on endpoint defensive and perimeter protection technologies, email security strategy, and identity management.
High degree of confidence and briefing skill; comfortable fielding questions and articulating project/program details in front of senior leadership.
SKILLS/EXPERIENCE:
Significant and demonstrated capabilities to assess organizational cybersecurity hygiene, quantify cyber risk in a prioritized schema, and recommend tactical and strategic courses of action to executive leadership.
Significant track record of executing cybersecurity uplift in government, financial services or professional services industry.
Theoretical and practical understanding of the current cyber threat landscape, attack methodologies, and risk mitigation/remediation methods; experience in cyber forensics and highly complex threat analyses.
In-depth knowledge of complex network architecture, internet connectivity, firewall and DMZ hosting strategies.
Knowledge of data privacy regulations and compliance issues.
Track record of applying innovation successfully in technology environments.
Excellent written and verbal communication skills.
Certifications: CISSP, CISA, CRISC or other information security certifications.
Knowledge of common information security management frameworks: ISO 27001, COBIT, NIST, CIST or other data security standards.