| On-Site IT Cybersecurity Policy Consultant at Tallahassee, Florida, USA |
| Email: [email protected] |
| From: anilj, RBC [email protected] Reply to: [email protected] Title: On-Site IT Cybersecurity Policy Consultant (CISSP, CISM, CISA, GIAC, CISA, CISM, CCIE Security) Location: Tallahassee, FL Length: Long Term Travel required: none Telecommute: no Skills: "IT Cybersecurity Policy Consultant (CISSP, CISM, CISA, GIAC, CISA, CISM, CCIE Security)"; Formulating cybersecurity policies and procedures"; NIST Cybersecurity Framework; NIST CSF guidelines; ISO/IEC 27001, or industry-specific frameworks; MS OFFICE, MS Visio; Documentation, Govt Description: Telecommuting: Telecommuting is not an option for this position. Scope of Work Required consultant experience provided by Contractor, shall include: A bachelors degree in cybersecurity, information technology, computer science, English or a related field. Any 1-2 of the Relevant certifications such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), or Certified Information Systems Auditor (CISA), GIAC, CCIE Security, CompTIA, etc. 8+ years of experience in IT security related responsibilities 4+ years of demonstrated experience producing information security related documentation addressing procedures, standards, and guidelines to ensure information security. This includes proficiency in formulating policies and procedures aligned with the National Institute of Standards and Technology Cybersecurity Framework or analogous sectors. Knowledge of and a comprehensive understanding of the NIST Cybersecurity Framework, including its core functions, categories, and subcategories. Ability to interpret and apply NIST CSF guidelines to develop tailored cybersecurity policies and procedures suitable for the organization's needs. Track record of successfully creating, reviewing, and updating policies and procedures, specifically in the realm of cybersecurity and in alignment with NIST standards. Experience in translating complex technical concepts into easily understandable and implementable policies and procedures, catering to diverse stakeholders. Experience in organizing documentation to facilitate easy navigation and understanding. Experience in managing versioning and track changes in policy documents. Clear and concise communicator capable of articulating complex cybersecurity concepts in both written documentation and verbal presentations. Experience in working independently (taking initiative) while working in a team environment (cooperating with team members and supporting team members). Knowledge understanding of basic security principles relating to confidentiality, integrity, and availability, risk assessments, administrative controls, technical controls, disaster recovery, etc. Preferred Experience: Knowledge of relevant industry-specific regulations, compliance requirements, and standards beyond NIST, such as ISO/IEC 27001, or industry-specific frameworks. Strong interpersonal skills to collaborate with cross-functional teams, stakeholders, and management to gather requirements and address cybersecurity concerns effectively. Experience with Microsoft Word, Excel, and PowerPoint. (Visio a plus). Required Duties and Responsibilities of Consultant shall include but are not limited to: The candidate will create comprehensive policies and procedures based on the NIST CSF framework. The duties of the candidate will include the following: Conduct an assessment of the organization's current cybersecurity policies and procedures against the NIST CSF framework. Identify gaps and areas where policies and procedures need to be developed or revised to align with NIST CSF guidelines. Draft clear and concise policies addressing cybersecurity governance, risk management, asset management, access control, incident response, and other relevant areas. Ensure that developed policies and procedures align with each of the five core functions of the NIST CSF. Map organizational processes and controls to the appropriate categories within the framework. Develop detailed procedures that operationalize the cybersecurity policies based on the NIST CSF guidelines. Engage with key stakeholders, cybersecurity teams, IT personnel, and department heads to gather insights and information necessary for the development of policies, standards, procedures, work details or other relevant required documentation. Collaborate with these stakeholders to ensure that the policies and procedures are practical, feasible, and aligned with organizational goals. Maintain accurate documentation of developed policies and procedures. Implement a version control system to track changes, updates, and revisions made to the documents over time. Prepare reports and presentations detailing the status of cybersecurity compliance and the effectiveness of NIST CSF-based policies and procedures. Communicate findings, recommendations, and updates to relevant stakeholders and management. Collaborate with IT and security teams, legal, compliance, and other relevant departments to ensure a cohesive and integrated approach to cybersecurity. The contractor will address the needs stated above by accomplishing the following: Create policies and procedures using the NIST templates to align with each of the five core functions of the NIST CSF. Create standards using the NIST templates to align with each of the five core functions of the NIST CSF. Create work details and other relevant required documentation to align with each policy, standard, or procedure as required. Map organizational processes and controls to the appropriate categories within the framework. Education/Certifications All Consultants must have earned a bachelors degree in cybersecurity, information technology, computer science, Management Information Systems (MIS), English, or other related field. Keywords: information technology microsoft Florida On-Site IT Cybersecurity Policy Consultant [email protected] |
| [email protected] View all |
| Thu Apr 18 23:53:00 UTC 2024 |