Job Summary:
We are seeking an experienced Cyber Security Consultant to join our team. The successful candidate will be responsible for ensuring the security of our infrastructure, managing compliance with regulatory frameworks, conducting security assessments, and driving complex issue resolution across various aspects of the organization. The ideal candidate will possess a strong background in cybersecurity, regulatory compliance, cloud security, and vendor management.
Role: Contract
Working: Hybrid preferred, but remote will be considered.
Key Responsibilities:
- Manage and maintain security measures for infrastructure to safeguard sensitive information and systems.
- Ensure adherence to regulatory compliance requirements including NCUA, FDIC, NIST CSF, NIST 800-53, NIST 800-171, ITIL, ISO 27001, CIS, and GRC frameworks.
- Conduct framework assessments and security audits to ensure compliance and identify areas for improvement.
- Lead efforts to resolve complex cybersecurity issues and vulnerabilities.
- Create cybersecurity procedures and standards that align with established information security and cybersecurity policy.
- Implement and maintain data security measures, including encryption, access control, and incident response.
- Manage relationships with vendors, ensuring they comply with security policies and standards.
- Oversee cloud security measures, ensuring secure deployment and maintenance of cloud-based services.
- Provide project management leadership for cybersecurity-related projects, ensuring timely and effective execution.
- Prepare reports and documentation on security assessments, audits, and incident responses for internal and external stakeholders.
- Work on the initiative to perform HIPAA and BIA (Business Impact Assessment) for various departments.
Qualifications:
- Bachelor’s degree in Information Technology, Cybersecurity, or a related field (or equivalent experience).
- 5+ years of experience in a cybersecurity role, with a focus on infrastructure security and regulatory compliance.
- In-depth knowledge of NCUA, FDIC, NIST CSF, NIST 800-53, NIST 800-171, ITIL, ISO 27001, CIS, DOJ, CJIS, and GRC frameworks.
- Proven experience in conducting framework assessments, security audits, and ensuring compliance with regulatory standards.
- Strong understanding of Incident Response planning.
- Experience with cloud security technologies and best practices.
- Excellent problem-solving skills with a track record of complex issue resolution in cybersecurity.
- Experience in vendor management and ensuring third-party security compliance.
- Experience with Tanium, Abnormal, CrowdStrike, KnowBe4, Palo Alto, MS Defender, Sentinel, etc.
- Strong project management skills with the ability to manage multiple cybersecurity projects simultaneously.
- Industry certifications such as CISSP, CISA, CRISC, or CCSP are a plus.
Skills & Abilities:
- Strong understanding of data security best practices.
- Ability to communicate effectively with both technical and non-technical stakeholders.
- Analytical mindset with the ability to assess risks and prioritize tasks accordingly.
- Self-motivated, detail-oriented, and able to work independently as well as in a team.