Architect - Expert ISO Policy Change Development (Remote)
Work set-up:
Full Remote
Experience:
Expert & Leadership (>10 years)
Offer summary
Qualifications:
Minimum of 5 years experience as an IT security professional., Strong knowledge of security frameworks like ISO, NIST, PCI-DSS, HIPAA., Experience developing and implementing security policies and procedures., CISSP certification is preferred..Key responsibilities:
- Support the creation and update of the client's security program and policies.
- Lead or support PCI-DSS assessments and compliance efforts.
- Design and risk assess cloud computing environments like AWS and Azure.
- Develop and execute information security incident response plans.
Job description
Job Title: Architect - Expert ISO Policy Change Development (Remote)
Location: Raleigh, NC
Duration: 12+ Months
Job Description:
The client requires a contract information security specialist (expert) architect/analyst resource to provide information security policy, process, procedure, and program development for client and the client business. This position will be an client Information Security Business Architect (ISBA, working title) dedicated primarily to support the creation and update of client's security program and related policies, standards, and procedures/processes.
Skills:
Location: Raleigh, NC
Duration: 12+ Months
Job Description:
The client requires a contract information security specialist (expert) architect/analyst resource to provide information security policy, process, procedure, and program development for client and the client business. This position will be an client Information Security Business Architect (ISBA, working title) dedicated primarily to support the creation and update of client's security program and related policies, standards, and procedures/processes.
Skills:
| Skill | Required/Desired | Amount | of Experience |
| Current or prior role as a PCI-DSS Qualified Security Assessor (QSA) or PCI-DSS Internal Security Assessor (ISA) | Desired | ||
| Experience leading or directly supporting PCI-DSS annual assessment for a L1 or L2 merchant, familiarity with PCI-DSS 3.2 or higher. | Desired | ||
| Strong knowledge and experience architecting/designing implementations, configuring, and risk assessing AWS and/or Azure cloud computing environments. | Desired | ||
| Progressive advanced experience as an IT information security professional working within an enterprise environment. | Required | 5 | Years |
| Hands-on experience implementing, administrating and operating technologies such as firewalls, IDS/IPS, SIEM, antivirus, network traffic analyzers | Nice to have | 5 | Years |
| Detailed technical experience with network security, security protocols, access control, cryptography, application security, and data protection. | Required | 5 | Years |
| Extensive experience with data classification, handling, assessment, and enforcement. | Required | 5 | Years |
| Experience implementing and supporting systems within enterprise-class data center environments. | Required | 5 | Years |
| Advanced knowledge of regulatory compliance including, but not limited to: OWASP, ISO, NIST, FISMA, PCI-DSS, HIPAA and IRS-1075. | Required | 5 | Years |
| Experience leading risk assessments using industry standard frameworks such as ISO or NIST for complex IT projects and technologies. | Required | 5 | Years |
| Experience developing, leading and executing information security incident response plans. | Required | 5 | Years |
| Experience developing and implementing information security policy, standards and procedures. | Required | 5 | Years |
| Experience providing research and evidence in support of audits. | Required | 3 | Years |
| CISSP information security certification. | Nice to have | ||
| Specific experience implementing, administrating, or operating Tenable Nessus. | Nice to have | ||
| Specific experience implementing, administrating, operating or utilizing IBM Qradar SIEM | Highly desired | 2 | Years |
| Experience consulting on information security solutions for a state or federal agency. | Required | 2 | Years |
| Experience implementing and operating enterprise class data networking solutions | Nice to have | ||
| Experience implementing and operating enterprise class server and storage systems | Nice to have | Years | |
| Detailed expert knowledge of NIST 800-53, and performing risk assessments utilizing NIST 800-53. | Required | 2 | Years |
| Detailed expert knowledge of ISO 27001, and performing risk assessments utilizing ISO 27001 | Nice to have | ||
| Detailed expert knowledge of the NIST Cyber Security Framework (CSF), and performing risk assessments utilizing the NIST CSF. | Required | 2 | Years |
| Familiarity and experience with the Department of Homeland Security (DHS) Cyber Security Evaluation Tool (CSET). | Nice to have | 2 | Years |
| Experience consulting on information security and IT solutions for a state motor vehicles agency or department of transportation. | Required | ||
| Experience performing risk assessments, documenting and driving compliance with the North Carolina DIT Statewide Information Security Manual. | Required | ||
| Experience completing NC Department of Information Technology Privacy Threshold Analysis (PTA) documentation. | Nice to have | ||
| Experience completing NC Department of Information Technology Vendor Readiness Assessment Report (VRAR) documentation. | Highly desired | ||
| Trained and experience implementing and operating with ITIL (formerly Information Technology Infrastructure Library) concepts. | Nice to have | ||
| ITIL (formerly Information Technology Infrastructure Library) certification. | Nice to have | ||
| Familiarity and practical experience with SABSA or TOGAF enterprise architecture frameworks and methodologies. | Nice to have | ||
| SABSA or TOGAF certification. | Nice to have |
Required profile
Experience
Level of experience: Expert & Leadership (>10 years)
Industry :
Information Technology & Services
Spoken language(s):
English
Check out the description to know which languages are mandatory. Hard Skills
Conventional PCIAWS Cloud ServicesMicrosoft AzureComputer SecurityHealth Risk AssessmentsRegulatory ComplianceIDS InfoLease (Asset Finance Technology)Network Traffic AnalysisCyber SecurityAntivirus SoftwareData ClassificationEnterprise Systems Connection (ESCON)FirewallInformation Technology Infrastructure LibraryNessusISO/IEC 27000 SeriesSecurity Information And Event Management (SIEM)NIST 800
Related jobs
Ecommerce Manager
Ecommerce Manager
30+ days ago
Sigma HR Solutions
- From: India (Full Remote)
- Full time
Search Engine OptimizationSearch Engine MarketingProcurement
Personalized Internet Ads Assessor - Canada (Persian Speaker)
Personalized Internet Ads Assessor - Canada (Persian Speaker)
17 days ago
TELUS Digital AI Data Solutions
- From: Vancouver (Full Remote)
- Part time
Senior/Lead Backend Engineer - Brazil
Senior/Lead Backend Engineer - Brazil
30+ days ago
Deep Origin
- From: Brazil (Full Remote)
- Full time
JavaScript (Programming Language)Node.js (Javascript Library)TypeScriptKubernetes
Account Manager, THD Pro
Account Manager, THD Pro
14 days ago
Samsung Electronics UK
- From: United States (Full Remote)
- Full time
Market AnalysisBusiness NegotiationSales ManagementSales Management
Staff Backend Engineer
Staff Backend Engineer
30+ days ago
You.com
- From: United States (Full Remote)
- Full time
Database Management