Role : Cyber Security Specialist
Location : Morrisville NC
Contract W2 - 12 months
Design and administer procedures in the organization that sustains the security of the organization s data and access to its technology and communications systems. Assess risk of exposure of proprietary data through weaknesses in platforms, access procedures, and forms of access to the organization s systems and the data contained in them. Duties:
Ability to actively lead and manage project update briefings, working sessions and stakeholder meetings
Strong analytical/assessment capability (e.g., conducting gap analyses, risk assessments)
Experience with systems engineering discipline
Ability to actively lead and manage project update briefings, working sessions and stakeholder meetings
Strong analytical/assessment capability (e.g., conducting gap analyses, risk assessments). Must have demonstrated knowledge and experience in:
Designing, developing, implementing, executing, and improving third-party cyber risk management strategy and practices (public and/or private sector)
Adapting and implementing industry cybersecurity frameworks and standards (e.g., ISO 27001, NIST CSF, NIST 800-53, NIST 800-171, CIS 18, Zero Trust Principles, FedRAMP)
Assessing supply chain risk based on recognized audit reports (e.g., SOC 2 Type II) and/or questionnaire responses
Managing and instructing diverse teams with varying levels of subject matter expertise
Managing competing priorities to ensure timely completion of work
Communicating with cross-functional leadership and other stakeholders (especially supply chain management) on third-party risk management strategy, risk management activities, and risks
Learning on the job to expand knowledge for self and team members
Working with third party risk assessment platforms (e.g., Process Unity GRX)
Working with Risk Management platforms (e.g., Diligent RSAM)
Technical Writing
Contract Review and Negotiations Nice to have:
Public and Private Sector Experience
Proximity (<50 miles) to Gatehouse (Falls Church, VA) or Aerial (Morrisville, NC) for in-person activities
Familiarity with CyberGRX (now Process Unity GRX) and Diligent
RSAM EXPERIENCE LEVEL:
10+ years of experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols.
EDUCATION:
Must possess a bachelor’s degree or master’s Degree, PhD or JD in Computer Science, Information Technology or Information Security (Master’s Degree preferred).
CERTIFICATIONS: (One or more required)
CISSP, CCSK/CCSP, PMP and/or CISA certifications CRISC - Certified in Risk and Information Systems Control
CISM - Certified Information Security Manager Additional Provisions: Must be able to obtain a Position of Public Trust Clearance
Pass both a client mandated clearance process to include drug screening, criminal history check and credit check.
Once candidate s resume is approved and interview passed, the agency is responsible for providing drug screening. Failure to submit the drug screening results will delay the security clearance process.
If a candidate is given an interim clearance, continuation of employment is then based on the candidate receiving a sensitive clearance.
Candidate must have lived in the United States for the past 5 years.
Cannot have more than 6 months travel outside the United States within the last five years. Military Service excluded. (Exception does not include military family members.)
All overtime must be pre-approved in writing by the client manager or his/her designated representative.
Agency will not be reimbursed for overtime charges without previous written authorization. Authorized overtime will be reimbursed at straight time.
The enforced dress code is business casual, i.e. collared shirt with slacks for men, no skirts above the knee for women.