Job Title: IT - Cyber Security Controls Assessor – Expert in San Francisco, CA// 12 months
Job Title: IT - Cyber Security Controls Assessor – Expert
Location: San Francisco, CA 94105
Duration: 12 months
Education Minimum: B.S. degree in Computer Science, Information Systems or other related field, or equivalent year work experience. Education Desired: M.S. or M.B.A. degree in business administration, computer science, or equivalent preferred.
Experience Minimum: Minimum of 6 years of combined IT, critical infrastructure, intelligence, and/or cyber/information security work experience. Utility industry experience strongly preferred.
Experience Desired: Cyber security best practices and standards (e.g. NIST, ISO, etc.)
• IT security products and technology.
• Cyber/information security management policies, procedures, regulations and governance processes, Information Systems/Network Security, System Security Analysis, Information Assurance Compliance.
• Risk management techniques, technological trends and developments in cyber/information security, systems/software development, engineering, integration, testing and evaluation and operating systems. Computer networking concepts and protocols, and network security methodologies Knowledge, Skills, Abilities and (Technical) Competencies: Demonstrated problem analysis and decision-making skills.
• Ability to communicate and convey complex IT/OT technical security related concepts to business and technology teams.
• Ability to influence and work with and across all levels within the business.
• Excellent written and verbal communication skills required. Ability to perform complex tasks using established policies, procedures and guidelines as reference
• Leads technology assessments to understand capabilities of required systems or networks.
• Identifies and recommend cyber capabilities strategies for technology development based on stakeholder requirements.
• Drives security reviews and identifies gaps in security architecture and design and recommend necessary security controls to be integrated within the development lifecycle.
• Develops and recommends security controls, identify key security objectives to maximize software and system security while minimizing disruption to plans and schedules.
• Leads translation of security controls into technical specifications and guidance to stakeholders to ensure common understanding across the stakeholders and enable adequate implementation.
• Owns and documents the implementation of the security controls and creates auditable evidence of security measures.
• Actively recommends engineering solution in collaboration with Cybersecurity Engineers and Cybersecurity Architects and product owners to remediate inherent cyber security risks.
• Leads the collection and analysis of benchmarks and metrics for the department to drive continuous improvement.
• Actively engages with the IT methodology team to recommend and deploy process improvements to ensure that security requirements are incorporated in all technology projects. Provides peer review and support for organizational deliverables.
Feel free to call me at 732-243-0263