
VIP Staffing


Cyber Security Assessment Consultant Opening, San Antonio, TX

Location: San Antonio, TX

Post Date: 04/01/2021

NEED TO HAVE CISO EXPERIENCE

Cyber Security Program guidance and assessment consultant

requires a senior cyber security officer to assist the CIO in terms of evaluating the cyber security program and provide recommendations on the people, process, and technology alignment towards the implementation of a successful program. The engagement should be over a 4 to 6 week period and will encompass the following in general:

· Security operations: Real-time analysis of immediate threats, and triage when something goes wrong

· Cyber risk and cyber intelligence: Keeping abreast of developing security threats, and helping the board understand potential security problems that might arise from acquisitions or other big business moves

· Data loss and fraud prevention: Making sure internal staff doesn’t misuse or steal data

· Security architecture: Planning, buying, and rolling out security hardware and software, and making sure IT and network infrastructure is designed with best security practices in mind

· Identity and access management: Ensuring that only authorized people have access to restricted data and systems

· Program management: Keeping ahead of security needs by implementing programs or projects that mitigate risks — regular system patches, for instance

· Investigations and forensics: Determining what went wrong in a breach, dealing with those responsible if they’re internal, and planning to avoid repeats of the same crisis

· Governance: Making sure all of the above initiatives run smoothly and get the funding they need — and that corporate leadership understands their importance

Deliverable: A report submitted to the CIO at the end of the engagement to summarize the following with respect to the areas mentioned above:

1. Personnel and recommendations on the governance and skillset along with the reporting structures

2. KPIs to measure the program maturity, along with recommendations on frameworks to use for risk mitigation (it is not enough to recommend NIST or another framework, since we already implement it; the recommendation needs to be with respect to the measurement of overall risk)

3. Evaluate the tools and technologies in place and validate architectural direction

4. Cadence for testing, auditing and evaluations

5. Overall budgetary recommendations for best practices

Experience and skills

We need someone with 10+ years of experience in IT management, specifically with respect to cyber security program design. Not necessarily a technical person, but a person who has a breadth of experience in designing and implementing a cyber security program, preferably at multiple engagements. The engagement is NOT to run a security operation like a CISO but to advise the executives on the successful design and measurement of program maturity and human resources needs. It is important for the person to have experience as a CISO or an executive with responsibility to implement a cyber security program at an organization with more than 1500 employees so as to provide guidance and advisory services.

· Significant experience with business management and a working knowledge of information security risk management and cybersecurity technologies and strategy

· Strong understanding of Linux, virtualization, and networking concepts

· Familiarity with industry security standards including NIST, ISO, SANS, COBIT, CERT

· Familiarity with current data privacy regulations, including GDPR and regional standards.

· Strong understanding and experience with cyber security program measurement.

· Capable of understanding and communicating business and profit impact that infosec operations have on the organization

