Job Description
Our client is seeking a Senior CyberSecurity Specialist for a 2 year remote contract. The consultant must work 9a to 5p EST Monday through Friday.
This role will act as a subject matter expert performing cybersecurity risk assessments on IoT and ICS services by:
This role will act as a subject matter expert performing cybersecurity risk assessments on IoT and ICS services by:
- Analyzing, assessing and creating detailed report findings discovered during network security assessments.
- Providing recommendations to mitigate and remediate gaps in network security vulnerabilities.
- Working with third-party vendors and City agencies to coordinate technology discovery, performing analysis of the network architecture, and producing call-flows diagrams; working remotely and onsite at various City facilities.
- Reviewing and triaging vulnerability alerts into manageable reports, provide relevant analysis, suggest mitigation procedures, track remediation, identify gaps and escalate as appropriate.
- Assisting in the execution, design and configuration of the internal UT IoT/ICS Lab.
- Minimum 12 years of subject matter expertise performing network assessments on complex enterprise networks
- Strong knowledge of enterprise CYBER SECURITY infrastructure.
- Experience implementing citywide projects and programs focused on endpoint defensive and perimeter protection technologies, email security strategy, and identity management.
- High degree of confidence and briefing skill; comfortable fielding questions and articulating project/program details in front of senior leadership.
- Significant and demonstrated capabilities to assess organizational cybersecurity hygiene, quantify cyber risk in a prioritized schema, and recommend tactical and strategic courses of action to executive leadership.
- Significant track record of executing cybersecurity uplift in government, financial services or professional services industry.
- Theoretical and practical understanding of the current cyber threat landscape, attack methodologies, and risk mitigation/remediation methods; experience in cyber forensics and highly complex threat analyses.
- In-depth knowledge of complex network architecture, internet connectivity, firewall and DMZ hosting strategies.
- Knowledge of data privacy regulations and compliance issues.
- Track record of applying innovation successfully in technology environments
- Excellent written and verbal communication skills.
- Certifications: CISSP, CISA, CRISC or other information security certifications.
- Knowledge of common information security management frameworks: ISO 27001, COBIT, NIST, CIST or other data security standards.