CyberTec
Security Manager, functioning as Senior Security PCI Compliance Analyst
CyberTec, Boca Raton, Florida, US, 33481
Client: Florida Department of Transportation (FDOT) in Boca Raton, FL. This is an onsite position. 10 months+. Rate: $70-80/H C2C. If higher let me know. USC, GC.
Exhibit F must be completed.
Job Family: Security Management
Job Title: Security Manager, functioning as Senior Security PCI Compliance Analyst
Job #: 6800
Variance: Sr. Manager
Summary
This position reports to the Security Risk and Compliance Office (SRCO) Manager, Information Technology Office of Florida's Turnpike Enterprise (FTE). The candidate will have hands-on experience performing PCI-DSS assessment, SOC2 Type1 and Type2 audits, developing KPI and reporting matrix, and formulating cost-benefit analysis to help align SRCO and Network Operations technology solutions with business initiatives and delivery. The candidate should have a good understanding of Network and Security technology solutions and be able to articulate them to meet current and future FTE Information Technology and business initiatives.
Responsibilities
- Coordinate and perform annual PCI certification, perform interim assessments, and work with the broader Information Technology team to remediate identified gaps. Ensure that established timelines of the yearly certification are met.
- Coordinate and perform Department's annual SOC2 assessment. This includes coordinating with internal and external parties to obtain documentation, obtaining necessary approvals, and meeting established timelines.
- Perform interim and annual reviews, including assisting with ad-hoc audits for compliance with State of Florida status and established compliance requirements and industry best practices.
- Manage vulnerability program to ensure remediation based on established Service Level Agreements, including PCI-DSS and Cybersecurity Frameworks. Develop management reporting.
- Develop and maintain Department's KPI and create monthly and quarterly reporting for the leadership.
- Assist the SIRT team in formulating testing schedules, conducting tabletop exercises, and facilitating lessons learned workshops and management reports.
- Maintain and enhance SRCO and Network Operations software and tools to identify licensure, including annual renewals. Work with the TDC procurement team to explore opportunities for consolidating renewals.
- Assist with managing supply chain oversight, including establishing, maintaining, and performing a risk assessment. Develop risk matrix and management reporting.
Requirements
Education:
- Bachelor's degree or equivalent experience
Experience:
- Must have 5 to 7 years of hands-on experience in performing PCI-DSS assessment
- Must have 4 to 6 years of hands-on experience with SOC2, Type1, and Type 2 assessment
- Strong experience with managing and organizing Security Incident Response Team (SIRT) activities
- Must have 5 to 7 years of experience using GRC tools such as Archer and ServiceNow.
- Must have 3 to 4 years of hands-on experience performing IT business processes and cost-benefit analysis.
- Must have strong presentation and written communication skills.
- Strong working knowledge of Excel, Visio, MS Word, and developing PowerPoint presentations.
- Have a good understanding of Information Technology tools and technology supporting overall IT organization and business.
Certification
- Certified Information Security Manager (CISM) or Certified Information Security Auditor (CISA) (Preferred)