Architect - Expert ISO Policy Change Development (Remote)

Job Description

Job Description

Job Title : Architect - Expert ISO Policy Change Development (Remote)

Location : Raleigh, NC

Duration : 12+ Months

Job Description :

The client requires a contract information security specialist (expert) architect / analyst resource to provide information security policy, process, procedure, and program development for client and the client business.  This position will be an client Information Security Business Architect (ISBA, working title) dedicated primarily to support the creation and update of client's security program and related policies, standards, and procedures / processes.

Skills :

Skill Required / Desired Amount of Experience Current or prior role as a PCI-DSS Qualified Security Assessor (QSA) or PCI-DSS Internal Security Assessor (ISA)DesiredExperience leading or directly supporting PCI-DSS annual assessment for a L1 or L2 merchant, familiarity with PCI-DSS 3.2 or higher.DesiredStrong knowledge and experience architecting / designing implementations, configuring, and risk assessing AWS and / or Azure cloud computing environments.DesiredProgressive advanced experience as an IT information security professional working within an enterprise environment.Required5YearsHands -on experience implementing, administrating and operating technologies such as firewalls, IDS / IPS, SIEM, antivirus, network traffic analyzersNice to have5YearsDetailed technical experience with network security, security protocols, access control, cryptography, application security, and data protection.Required5YearsExtensive experience with data classification, handling, assessment, and enforcement.Required5YearsExperience implementing and supporting systems within enterprise-class data center environments.Required5YearsAdvanced knowledge of regulatory compliance including, but not limited to : OWASP, ISO, NIST, FISMA, PCI-DSS, HIPAA and IRS- 1075.Required5YearsExperience leading risk assessments using industry standard frameworks such as ISO or NIST for complex IT projects and technologies.Required5YearsExperience developing, leading and executing information security incident response plans.Required5YearsExperience developing and implementing information security policy, standards and procedures.Required5YearsExperience providing research and evidence in support of audits.Required3YearsCISSP information security certification.Nice to haveSpecific experience implementing, administrating, or operating Tenable Nessus.Nice to haveSpecific experience implementing, administrating, operating or utilizing IBM Qradar SIEMHighly desired2YearsExperience consulting on information security solutions for a state or federal agency.Required2YearsExperience implementing and operating enterprise class data networking solutionsNice to haveExperience implementing and operating enterprise class server and storage systemsNice to haveYearsDetailed expert knowledge of NIST 800-53, and performing risk assessments utilizing NIST 800- 53.Required2YearsDetailed expert knowledge of ISO 27001, and performing risk assessments utilizing ISO 27001Nice to haveDetailed expert knowledge of the NIST Cyber Security Framework (CSF), and performing risk assessments utilizing the NIST CSF.Required2YearsFamiliarity and experience with the Department of Homeland Security (DHS) Cyber Security Evaluation Tool (CSET).Nice to have2YearsExperience consulting on information security and IT solutions for a state motor vehicles agency or department of transportation.RequiredExperience performing risk assessments, documenting and driving compliance with the North Carolina DIT Statewide Information Security Manual.RequiredExperience completing NC Department of Information Technology Privacy Threshold Analysis (PTA) documentation.Nice to haveExperience completing NC Department of Information Technology Vendor Readiness Assessment Report (VRAR) documentation.Highly desiredTrained and experience implementing and operating with ITIL (formerly Information Technology Infrastructure Library) concepts.Nice to haveITIL (formerly Information Technology Infrastructure Library) certification.Nice to haveFamiliarity and practical experience with SABSA or TOGAF enterprise architecture frameworks and methodologies.Nice to haveSABSA or TOGAF certification.Nice to have

Powered by JazzHR

p7H4mrVzWN