AddressWe are looking for a candidate who is a cyber expert working closely with customers and handles the offshore team. This lead must be capable and assertive to get the job done to ensure compliance.
Top 3 skills would like to see on the candidate's resume:
- Internal controls assessment
- Regulatory compliance analysis
- Technical Writing or Project Management
Job Description: The Senior Cyber Risk Management SME will assess and document controls addressing enterprise information security solutions, such as authentication and authorization, public key infrastructure, data loss prevention, and security event information analytics, to address the current and emerging security needs of the business. This role requires the understanding of complex enterprise-scale information security problems. In addition to assessing and documenting control implementations, the Senior Cyber Risk Management SME will contribute to the development and maintenance of internal assurance processes and related documentation.
Minimum Qualifications:
- 4+ w/bachelors degree
- CISSP/CISA- Must hold the certifications.
Core Competencies
Business Continuity
Computer Network Defense
Enterprise Architecture
Information Systems/Network Security
Information Technology Assessment
Legal, Government, and Jurisprudence
Policy Management
Risk Management
Technology Awareness
Threat Analysis
Vulnerabilities Assessment
Information Program Management
Knowledge, Skills, Abilities:
Identify information security strategies to address organizational security objectives.
Oversee policy standards and implementation strategies to ensure procedures and guidelines comply with cybersecurity policies.
Ensure that plans of action and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
Support necessary compliance activities (e.g., ensure that system security configuration guidelines are followed, compliance monitoring occurs)
Identify information technology (IT) security program implications of new technologies or technology upgrades
Ensure that cybersecurity inspections, tests, and reviews are coordinated for the network environment.
Ensure that cybersecurity requirements are integrated into the continuity planning for that system and/or organization(s).
Implement and manage an information security risk assessment during the Security Assessment and Authorization process.
Prepare, distribute, and maintain plans, instructions, guidance, and standard operating procedures concerning the security of network system(s) operations.
Provide system-related input on cybersecurity requirements to be included in statements of work and other appropriate procurement documents.
Supervise or manage protective or corrective measures when a cybersecurity incident or vulnerability is discovered.
Continuously validate the organization against policies/guidelines/procedures/regulations/laws to ensure compliance.
Excellent written and verbal communication skills (including technical writing, procedure creation, and documentation development). Must be able to effectively communicate security concepts to a technical audience.
Able to understand moderately complex written and oral instructions.
Ability to clearly present complex/security subjects and findings to technical staff and management.
Strong Exceptional technical writing skills including documentation development, process mapping, and visualization.
Ability to communicate technical concepts and think on the fly.
Ability to interact well with co-workers and outside contacts.
Knowledge of security principles, issues, techniques and implications across all existing computer platforms.
