Must be a US Citizen or Permanent Resident to be considered. We are unable to sponsor at this time.
Develop client IT GRC programs and System Security Plans
Facilitate security compliance gap analysis workshops
Coordinate organizational remediation efforts based on plan of action and milestones, which is derived from the gap analysis workshops
Collaborate with client security, IT, and business teams to streamline security process and procedure development
Report on security operations to client leadership teams in terms of risk and compliance
Work with team to provide evidence at time of external client audits
Participate in security and compliance testing of client infrastructure
Growing organization, global footprint, focus on continuing education (certifications / training).
Knowledge of industry standards such as NIST 800-53, NIST CSF, NIST 1800-23, DFARS and CMMC, NYS DFS, NYS Shield Act, HIPAA, NYS DOH OHIP SSP, NERC CIP, GDPR, PCI-DSS, CIS Critical Controls
General knowledge of IT consulting, control implementation and optimization, along with auditing security domains such as identity and access management, data encryption, application security, firewall auditing, vulnerability management and reporting, and asset management
Familiarity with vulnerability management programs, security architecture reviews, technical and physical security assessments
Experience developing security analysis documentation and recommended remediation actions
General knowledge of network topologies, security architectures, security solutions, tools, and IT policies and standards