Cyber Security Controls Assessor
Company: CYNET SYSTEMS
Location: Oakland
Posted on: January 21, 2023
Job Description:
Job Description:
Responsibilities:
- Perform multi-platform (application, database, operating
system, middleware, monitoring tools, and business processes) level
assessments based on predefined test objectives and test plans.
Perform retest of controls that have been remediated or updated due
to previously identified deficiencies.
- Obtain, review, and interpret evidence provided to validate
controls are performed effectively.
- Execute and report on results of IT Compliance assessments in
accordance with industry best practices and established regulatory
standards and requirements (e.g., NIST SP800-53, SP800-115, SOX,
NERC CIP).
- Obtain, review, and interpret organizational IT policies,
standards, and procedures to identify control points that would
assist in mitigating risk to the business.
- Review test results or interpret evidence to address
vulnerabilities, gaps, or control deficiencies; work with
stakeholders to establish plans for sustainable
resolution.
- Identify risks associated with control failures and support the
identification of mitigating controls.
- Partner with control owners to ensure control documentation is
updated periodically to reflect the current control
environment.
- Perform other tasks as necessary to ensure that the Compliance
meets its commitments to customers.
- Support the Compliance Sr. Manager/Manager as needed.
Qualifications:
Minimum Education Required:
- BA/BS in Computer Science, Business, or equivalent
experience.
- Minimum On-the-Job Experience.
- Minimum of 3 years of general IT experience, including IT
security or IT risk management experience.
- Experience using Excel worksheets, workbooks, and
formulas.
- Experience managing multiple projects with conflicting
priorities.
Desired Experience:
- Utility Industry Experience.
- Big 4 experience.
- Demonstrated experience with Sarbanes Oxley or National
Institute of Standards and Technology (NIST) SP800-53 security
controls catalog.
Minimum Required License / Certification:
- At least one existing certification from the following list,
which must be currently maintained and valid:
certification:
- Cisco Certified Networking Associate (CCNA).
- Certified Information Systems Auditor (CISA).
- Certified in Risk and Information System Control
(CRISC).
- Certified Internal Auditor (CIA).
- Certified Information Systems Security Professional
(CISSP).
Desired License / Certification:
- One + current and valid certifications directly applicable or
complementary to the role and area of expertise, including those
listed above, as well as:
- Certified Ethical Hacker (CEH).
- Information Technology Infrastructure Library (ITIL).
- Microsoft Certified Professional/Security Engineer (MCP,
MCSE).
- Cisco Certified Network Associate/Professional (CCNA,
CCNP).
- Certified Information Security Manager (CISM).
- Project Management Professional (PMP).
Knowledge, Skills, and Abilities:
- Strong oral and written communication skills.
- Strong analytical skills.
- Understanding of application, database, network and systems
security.
- Understanding of general computing controls (GCCs).
- Able to identify complex control gaps.
- Understanding of generally applicable and accepted auditing
standards and framework (e.g. COBIT) and best practices for IT
services management (e.g., ITIL), regulatory standards and
requirements (e.g. Sarbanes Oxley Act, NERC/CIP).
- Excellent planning, organizational, and project management
skills.
- Able to multi-task projects or assessments.
- Ability to work with minimal supervision in a fast-paced
environment.
- Detail oriented.
Keywords: CYNET SYSTEMS, Oakland , Cyber Security Controls Assessor, Other , Oakland, California
Didn't find what you're looking for? Search again!
Loading more jobs...