| onsite security analyst or security analyst or risk analyst at Bocaraton, florida at Boca Raton, Florida, USA |
| Email: [email protected] |
| From: sam, vitaforms [email protected] Reply to: [email protected] On-Site GRC Analyst/Security Manager (PCI/ ISO/COBIT/SOC-2/NIST CISA Certified) - Boca Raton, FL This is with Dept of Transportation (Turnpike Division) so it will be plus to have DOT experience + Govt exp. Make sure that we have about 3+ Top candidates who can provide 3 ref (if needed). We would need the Resume and Signed Resume certification for each candidate submitted. Title: RFQ-#6810-Security (GRC) Analyst-Advanced Boca Raton; Request #: PR611148-R116229 use this for R-T-R This closes Monday (10/14/2024). 11-12+ years in the IT industry GRC Risk Analyst Skills & Requirements: 9-10 years of IT Audit experience (CISA certified preferred) 3 years of IT Risk Management lifecycle experience 3 years of hands-on technical experience (e.g. developer, system administrator) Experience working with NIST 800-30 Risk Assessment Standard Extensive experience with IT General Controls evaluation and design Advanced skill level in business process mapping and documentation as well as policy and procedure development Recent experience in Information Security with up-to-date knowledge of the current threat landscape. Solid understanding of PCI DSS standards Education and Certifications: Bachelors Degree in Computer Science, Information Systems, Business Administration, or other related field and/or equivalent work experience. CISA and CISSP certifications (preferred). Candidate need to show up first day to the office This is a 100% on-site position from day one. NO EXCEPTION Telecommuting is not an option for this position. This is NOT a remote position. In order to submit we need A) An up to date resume and Cover letter (why you should be the selected candidate) in word format only. Please make sure all the skills listed in the skill matrix and the JD are reflected in your resume (only if you have the experience). B) Manual signed Resume certification form with Blue/Black ink. DL copy or passport copy is needed as form of identification to witness the persons signature. Please leave the date blank so we DO NOT have you bother you with this STEP for any future positions. C) Manual signed on-site Acknowledgement form with Blue/Black ink. Only place the date and signature the above info box will be filled by GIS, Inc D) Best Rate This is in ref to the position listed below Position ID: 421001-GRC Title: On-Site GRC Analyst/Security Manager (PCI/ ISO/COBIT/SOC-2/NIST CISA Certified) Location: Boca Raton, FL Pay Rate: DOE Length: Multi Years Travel Required: - No Telecommute: no Skills: "GRC Analyst" "Information Security Manager", PCI/ISO/COBIT/ISACA/SOC-2/NIST; cyber security program; IT security risk and audit strategy; "Security policy and procedure development"; Risk Management Program (TPRM); PCI DSS/NIST 800-30 Risk Assessment Standards; IT Audit experience; IT Risk Management lifecycle ; IT General Controls evaluation and design; GRC tools; CISA; CISSP; Reporting matrix, Documentation; Govt Note : Please reply ONLY if you 1) can work 100% on-site from day one + have all the Required skill set and have worked as a "GRC Analyst/Security Manager (PCI/ ISO/COBIT/SOC-2/NIST CISA Certified) in a large & Complex IT Environment. 2) can meet the min required experience as defined under the MANDATORY Skill 3) can provide at least 3 verifiable experience from completed and/or substantially completed jobs that closely match this request + fill out a skill Matrix + Resume Certification Form 4) Can go through a background check including fingerprinting + Agree to a MS Teams interview. 5) have A Competitive Rate 6 will be available in Nov/Dec 2024 timeframe as the Start date after a successful interview takes a minimum of 2-3 weeks. Each staff member assigned to this project must have a background screening that is equivalent to a Level Two (2) screening standard. This is a fixed fee/hourly based project which is inclusive of travel, lodging, per diem expenses and all other costs associated with the completion of the associated tasks. Interviews: Interviews may be conducted remotely via Microsoft Teams. A phone interview may also be requested as a first step. Telecommuting: Telecommuting is not allowed. Purpose The management, assessment, and mitigation of risks are fundamental components of our information assurance and cyber security program at the CLIENT. This position leads the IT security risk and audit program for information systems security using generally accepted standards and frameworks for IT audit and risk management (e.g., NIST, ISO, PCI, and ISACA). The position is responsible for the development and implementation of the IT security risk and audit strategy that perform information systems and business process risk assessments and evaluate the effectiveness of technical, physical, and administrative controls to identify control weakness. This individual will interface with the Security Operations, IT Operations, and various business units to: Perform PCI, ISO, COBIT, and applicable State of Florida cybersecurity controls-related reviews to ensure that current, new, and technology infrastructure complies with these standards and Departments security policies. Plan and perform IT security controls effectiveness quarterly reviews. Manage remediation efforts for the identified gaps including assessment of new or enhanced implemented controls. Maintain IT security risk and compliance matrix and performs management reporting. This will include IT systems controls, and business process risks to meet compliance requirements. Provide risk mitigation strategies Maintain Third Party Risk Management Program (TPRM) and analyze SOC-2 and other reporting including mapping to key IT security and compliance controls such as NIST, PCI, and COBIT. Manage IT security vulnerabilities management program aligned with PCI and NIST standards. Identifying and ranking the value, sensitivity, and criticality of the operations and assets that could be affected should a threat materialize in order to determine which operations and assets are the most important. For the most critical and sensitive assets and operations, estimating the potential losses or damage that could occur if a threat materializes, including recovery costs. Identifying cost-effective actions to mitigate and reduce risk. These actions can include implementing new organizational policies and procedures as well as the design of technical or physical controls. Coordinating, tracking, and verifying remediation of audit findings. Documenting the results and developing a plan of action and milestones for mitigating any identified risk. Produce formal audit reports based on ISACA Audit Standards. Promotes compliance with regulatory requirements (e.g. PCI DSS) and IT best practices. GRC Risk Analyst Skills & Requirements: 9-10 years of IT Audit experience (CISA certified preferred) 3 years of IT Risk Management lifecycle experience 3 years of hands-on technical experience (e.g. developer, system administrator) Experience working with NIST 800-30 Risk Assessment Standard Extensive experience with IT General Controls evaluation and design Advanced skill level in business process mapping and documentation as well as policy and procedure development Recent experience in Information Security with up-to-date knowledge of the current threat landscape. Solid understanding of PCI DSS standards Education and Certifications: Bachelors Degree in Computer Science, Information Systems, Business Administration, or other related field and/or equivalent work experience. CISA and CISSP certifications (preferred). Incumbent may be required to work before, during and/or beyond normal work hours or days in the event of an emergency. Emergency duty required of the incumbent includes working in special needs or Red Cross shelters, or performing other emergency duties including, but not limited to, responses to or threats involving any disaster or threat of disaster, man-made or natural. "When replying please make sure to list your (All Inclusive) Compensation requirements !!!" Note : This is a Full time ON SITE Contract Position !! Start date : Nov/Dec 2024 Keywords: cprogramm rlang information technology golang microsoft Florida Idaho onsite security analyst or security analyst or risk analyst at Bocaraton, florida [email protected] |
| [email protected] View all |
| Wed Oct 02 22:41:00 UTC 2024 |