This is a 30 month opportunity on the Hourly-Based IT Services (HBITS) Contract at the State of New York. (Possibility of extension).
Required Experience:
- 84 months experience evaluating information security, privacy, and compliance for Information Technology systems and/or Operational Technology systems.
- 84 months experience conducting written risk and compliance assessments for security, privacy, and/or Artificial Intelligence using industry standards and frameworks such as NIST, CIS Critical Controls, ISO 27001, etc.
- 60 months experience triaging and determining mitigation plans (with and without Vendor) to resolve security risks and/or threats to business information systems and operational technology systems
- 60 months experience evaluating business systems (Commercial Off the Shelf and Custom Developed) for alignment with Information Technology and/or Operational Technology security policies, standards, laws, regulations, and industry best practices.
- 60 months experience in evaluating security controls for cloud environments
- 60 months experience working with cross functional teams to mitigate or remediate system and application vulnerabilities
- 48 months experience in risk management (including third-party), vulnerability management, and security program management
- 48 months experience in threat assessment and/or Incident Response management for information security and/or operational technology systems.
- Bachelor’s Degree (or higher) in one or more of the following: Information Security, Information Assurance, Cybersecurity, Computer Science, Information Science, Information System Management, Digital Forensics, Compliance and Risk Management
- One or more of the following certifications: GICSP, GSEC, CISSP, CCSP, CCSK, CompTIA Cloud+, GCSA, CompTIA Network+, CompTIA Security+, CompTIA CySA+, CIPT, CIPP, CIPM, CISSP, CRISC, ISSAP, ISSEP, CGRC, CSSLP, SSCP, or other applicable information and/or cybersecurity, privacy, artificial intelligence, or risk management certifications