Accord Technologies Inc.
Chief Information Security Officer
Accord Technologies Inc., Simpsonville, Maryland, us, 21150
Chief Information Security Officer
Location:
Columbia, MD Duration:
12 months extendable. Visa:
Visa independent candidates only. Locals to Columbia, MD are needed. Job Description: The candidate must possess at least 10 years of experience in IT security-related roles such as security analyst, network administrator, or similar positions. Leadership:
The Contractor must possess experience in management or leadership roles as CISOs need to lead teams and make strategic decisions.
Responsibilities:
Perform a detailed cyber risk assessment that includes:
Identifying, estimating, and prioritizing information cyber security risks. Examining HCC's current technology, security controls, policies, and procedures to assess potential threats or attacks. Evaluating HCC's threat landscape, vulnerabilities, and cyber gaps that pose a risk to its assets.
Act as HCC's Qualified Individual (QI) to present quarterly reports to HCC Board of Trustees and leadership as required by GLBA. Develop an information security program using a framework such as NIST 800-53, CIS Critical Security Controls, or CIS Implementation Group 1 (IG1) that protects HCC in accordance with GLBA security requirements. Provide information security leadership, communication, investigation, mitigation, containment, and post-incident analysis in the event of a cyber incident. Update and enhance existing cybersecurity policies and procedures as required by GLBA, including but not limited to:
Vulnerability management Data management Incident response Software management Hardware asset management
Provide guidance when analyzing real-time threat analysis identified by HCC's security operations center. Perform third-party and partner evaluations using the Higher Education Community Vendor Assessment Toolkit (HECVAT). Develop and implement the strategy to conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with security policies. Write a clear and concise incident response plan that meets industry standards. Participate in meetings as needed (i.e., weekly, monthly, quarterly, ad hoc, etc.). Under normal circumstances, in-person meetings are not required. In the event of an incident or breach, an in-person meeting may be required. Preferred Certifications: - Certified Information Systems Security Professional (CISSP) - Certified Information Security Manager (CISM) - Certified Information Systems Auditor (CISA) #J-18808-Ljbffr
Columbia, MD Duration:
12 months extendable. Visa:
Visa independent candidates only. Locals to Columbia, MD are needed. Job Description: The candidate must possess at least 10 years of experience in IT security-related roles such as security analyst, network administrator, or similar positions. Leadership:
The Contractor must possess experience in management or leadership roles as CISOs need to lead teams and make strategic decisions.
Responsibilities:
Perform a detailed cyber risk assessment that includes:
Identifying, estimating, and prioritizing information cyber security risks. Examining HCC's current technology, security controls, policies, and procedures to assess potential threats or attacks. Evaluating HCC's threat landscape, vulnerabilities, and cyber gaps that pose a risk to its assets.
Act as HCC's Qualified Individual (QI) to present quarterly reports to HCC Board of Trustees and leadership as required by GLBA. Develop an information security program using a framework such as NIST 800-53, CIS Critical Security Controls, or CIS Implementation Group 1 (IG1) that protects HCC in accordance with GLBA security requirements. Provide information security leadership, communication, investigation, mitigation, containment, and post-incident analysis in the event of a cyber incident. Update and enhance existing cybersecurity policies and procedures as required by GLBA, including but not limited to:
Vulnerability management Data management Incident response Software management Hardware asset management
Provide guidance when analyzing real-time threat analysis identified by HCC's security operations center. Perform third-party and partner evaluations using the Higher Education Community Vendor Assessment Toolkit (HECVAT). Develop and implement the strategy to conduct regular security audits and assessments to identify vulnerabilities and ensure compliance with security policies. Write a clear and concise incident response plan that meets industry standards. Participate in meetings as needed (i.e., weekly, monthly, quarterly, ad hoc, etc.). Under normal circumstances, in-person meetings are not required. In the event of an incident or breach, an in-person meeting may be required. Preferred Certifications: - Certified Information Systems Security Professional (CISSP) - Certified Information Security Manager (CISM) - Certified Information Systems Auditor (CISA) #J-18808-Ljbffr