Chief Information Security Officer - IMAPS
June 3
🔄 Hybrid – Los Angeles
Description
• Serve as a POC for Information System with security issues • Coordinate security program and system elements with the agency IT Program Managers by evaluating system environments for security requirements and controls including IT Security Architecture, hardware, software, telecommunications, security trends, and associated threats and vulnerabilities • Manage security controls to ensure confidentiality, integrity, and availability of information • Build security into the system development process and define security specifications to Support the acquisition of new systems • Serve as a key advisor in risk assessments of all systems and mitigate vulnerabilities • Adhere to Continuous Monitoring practices to ensure that security controls are maintained over the life of IT systems • Assist the System Owner in the development, testing, and maintenance of contingency plans, backup, and storage procedures • Audit and monitor application, system, and security logs for security threats, vulnerabilities, and suspicious activities; document all procedures according to departmental standards • Monitor and coordinate patch management and scanning techniques for all unit systems; participate in the identification and mitigation of all system vulnerabilities • Ensure that Vulnerability and/or Compliance scans/reports are processed in accordance with the Continuous Monitoring plan/strategy • Assist the Information System Security Manager (ISSM) in any other security-related duties, as required
Requirements
• Be knowledgeable of Federal, Departmental, and security regulations • Seven+ years of network or security operational experience, including at least 2 years in a senior management/Director level position in an IT enterprise environment, or cybersecurity-focused organization • Significant and demonstrated capabilities to assess organizational cyber security hygiene, quantify cyber risk in a prioritized schema, and recommend tactical and strategic courses of action to executive leadership • Experience in execution of cyber security uplift in government, financial services, or professional services industry • Demonstrable knowledge of information security technologies, networking, and network and systems architecture • Deep and hands-on understanding of the current cyber threat landscape, attack methodologies, and risk mitigation/ remediation methods experience in cyber forensics and highly complex threat analyses • Knowledge of common information security management frameworks, such as NIST or other data security standards or widely accepted information security recommended actions • Excellent written and verbal communication skills
Benefits
• Potential for Telework • Standard Background Check • W2 or 1099
Apply Now
