Job Role: Virtual Chief Information Security Officer Services
Duration: Long Term - Part-time (20hrs per week)
Location: Columbia, MD
Key Skills: Cybersecurity, CISSP/CISM/CISA, Vulnerability management, Data management, Incident response, Software management, Hardware asset management
About The Job
The Consultant shall provide expert virtual cyber security services. The client seeks a fresh perspective on its security measures and protocols to not only improve its posture, but also to identify new risks and opportunities.
Preferred Qualifications
At a minimum, the Contractor must possess a bachelor’s degree in cybersecurity, computer science, information technology, or a related field from an accredited higher education institution in the United States. A master’s degree is preferred.
The Contractor must possess at least one of the following related certifications:
Certified Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA)
Responsibilities
Identifying, estimating, and prioritizing information cyber security risks at the college;
Examining the client's current technology, security controls, policies, and procedures to assess potential threats or attacks; and
Evaluating the client's threat landscape, vulnerabilities, and cyber gaps that pose a risk to its assets.
Develop an information security program using a framework such as National Institute of Standards and Technology (NIST) 800-53, Center for Internet Security (CIS) Critical Security Controls, or CIS Implementation Group 1 (IG1) that protects the client in accordance with GLBA security requirements.
Provide information security leadership, communication, investigation, mitigation, containment and post-incident analysis in the event of a cyber-incident.
Update and enhance existing cybersecurity policies and procedures as required by the client. The policies include but are not limited to:
- Vulnerability management
- Data management
- Incident response
- Software management
- Hardware asset management.
Develop and implement the strategy to conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with security policies.
Implement the incident response plan, ensuring that all relevant teams are mobilized and aware of their roles and responsibilities.
Oversee the initial assessment to understand the scope and impact of the incident or breach. Coordinate with internal stakeholders, including senior management and the board of directors, to keep them informed about the incident or breach and the steps being taken to address it.
Lead the investigation to determine the cause of the incident or breach, how it occurred, and what data or systems were affected.
Oversee the remediation efforts to fix vulnerabilities and restore affected systems.
Ensure that all actions taken during the incident or breach response are thoroughly documented. Conduct a post-incident review to evaluate the response and identify lessons learned.
Provide a full written report of the incident, nature of the breach, compromised information, and corrective actions taken to prevent future incidents or breaches.
About Us – WinningEdge
Job search can be a painful and frustrating process. We take time to understand candidates' skillsets and job search preferences and match them with our ideal clients. Our team has a combined experience of over 100 years and we have successfully placed hundreds of candidates.