AgreeYa Solutions
Cyber Security Specialist IV Job at AgreeYa Solutions
AgreeYa Solutions, Morrisville, NC, United States
Title: Cyber Risk Management
Location: Morrisville NC (Local/Near By)
Duration: Contract
Overview:
Design and administer procedures in the organization that sustain the security of the organization's data and access to its technology and communications systems. Assess risk of exposure of proprietary data through weaknesses in platforms, access procedures, and forms of access to the organization's systems and the data contained in them.
Duties:
- Ability to actively lead and manage project update briefings, working sessions and stakeholder meetings
- Strong analytical/assessment capability (e.g., conducting gap analyses, risk assessments)
- Experience with systems engineering discipline

Must have demonstrated knowledge and experience in:
- Designing, developing, implementing, executing, and improving third-party cyber risk management strategy and practices (public and/or private sector)
- Adapting and implementing industry cybersecurity frameworks and standards (e.g., ISO 27001, NIST CSF, NIST 800-53, NIST 800-171, CIS 18, Zero Trust Principles, FedRAMP)
- Assessing supply chain risk based on recognized audit reports (e.g., SOC 2 Type II) and/or questionnaire responses
- Managing and instructing diverse teams with varying levels of subject matter expertise
- Managing competing priorities to ensure timely completion of work
- Communicating with cross-functional leadership and other stakeholders (especially supply chain management) on third-party risk management strategy, risk management activities, and risks
- Learning on the job to expand knowledge for self and team members
- Working with third party risk assessment platforms (e.g., Process Unity GRX)
- Working with Risk Management platforms (e.g., Diligent RSAM)
- Technical Writing
- Contract Review and Negotiations

Nice to have:
- Public and Private Sector Experience
- Proximity (
- Familiarity with CyberGRX (now Process Unity GRX) and Diligent RSAM
EXPERIENCE LEVEL:
10+ years of experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols.
EDUCATION:
Must possess a Bachelor's Degree or Master's Degree, PhD or JD in Computer Science, Information Technology or Information Security (Master's Degree preferred).
CERTIFICATIONS: (One or more required)
CISSP, CCSK/CCSP, PMP and/or CISA certifications
CRISC - Certified in Risk and Information Systems Control
CISM - Certified Information Security Manager
About AgreeYa: AgreeYa is a global systems integrator delivering a competitive advantage for its customers through software, solutions, and services. Established in 1999, AgreeYa is headquartered in Folsom, California, with a global footprint and a team of 1,800+ professionals across offices. AgreeYa works with 550+ organizations ranging from Fortune 100 firms to small and large businesses across industries such as Telecom, Banking, Financial Services & Insurance, Healthcare, Utility & Energy, Technology, Public Sector, Pharma & Biotech, Retail, Client, and others. Please visit us at www.agreeya.com for more information.
Equal Opportunity: AgreeYa is an equal opportunity employer. We evaluate qualified applicants without regard to race, color, religion, gender identity, sexual orientation, national origin, disability, veteran status or other protected characteristics. Visit our website at www.agreeya.com/career-culture to learn about our Career & Culture.