Information Security Consultant - New York - $80 Per Hour - Contract
Reference: 38337
Business Sector: Infrastructure
Description
Job Title: Information Security Consultant
Terms: 6-month initial contract, extensions highly likely
Work Location: 4 days onsite, NYC
Job Summary:
The position will be responsible for overseeing and reporting on the management and mitigation of information security risks, including cybersecurity, across the branch and will be held accountable for the results of this oversight and reporting. The position is responsible for implementing an information and cybersecurity program adhering to Cybersecurity Regulation (NYDFS Part 500) and other ISO requirements. The position oversees and implements the cybersecurity program and enforces cybersecurity policy and procedures for the branch.
Key Responsibilities:
- Implementing the Information Security / Cybersecurity strategy and objectives including strategies as directed by the CISO, to monitor metrics & reports and manage current and emerging risks
- Engaging with third parties for effective third-party management practices including 3rd party risk management
- Working with management in the lines of business to understand the flows of information, the risks to that information, and the best ways to protect the information
- Updating and enhancing IS Policy and supporting procedures and other ISO documentation
- Informing the branch, management and staff of information security and cybersecurity risks and the role of staff in protecting information via training and presentations
- Managing and monitoring IT Risk Acceptances
- Participating in ongoing ISO Team meetings and contributing ideas & improvements
- Proactively presenting emerging topics prior to them becoming issues and/or concerns
- Ensuring completeness & accuracy of ISO documentation and reports
- Monitoring and detection of third-party risks and/or issues (e.g. contract expiration)
- Contributing to a recurring annual risk assessment program by ensuring its accuracy and completeness
- Serving as ISO team project/task tracker coordinator/recorder
- Conducting and managing application security & risk assessments
- Successfully completing required periodic reporting and training by timely and accurately reporting them
- Assisting CISO with applicable projects and tasks supporting the above
Capability / Experience Requirements:
Knowledge & Experience Requirements:
- Bachelor’s degree or equivalent; Advanced degree in computer science or information system related, or IT background is preferred
- 10+ years relevant experience or compensating training and education
- Certifications: CISSP, CISA, and/or CISM desirable
- Strong knowledge of computer-based risk management systems relevant to the types of business activities to be conducted by the Branch
- Strong knowledge of Cybersecurity Regulations and information security best practices
- Experienced with implementing guidelines such as FFIEC Handbooks, NIST Guidelines
- Excellent writing and communication skills (including reading and writing)
- Strong work ethic, positive attitude and a sense of responsibility
- Effective analytical and problem-solving skills
- Immense attention to detail and capability to identify issues and/or improvements