[Remote] Manager, ISS – Cybersecurity

Note: The job is a remote job and is open to candidates in USA. BDO is a company focused on cybersecurity solutions, and they are seeking a Cybersecurity Manager to oversee compliance assessments and provide policy guidance. The role involves evaluating systems for compliance with various cybersecurity frameworks and managing customer cyber policies and incident response efforts.

Responsibilities

• Knowledge of applicable laws (e.g., Electronic Communications Privacy Act, Foreign Intelligence Surveillance Act, Protect America Act, search and seizure laws, civil liberties, and privacy laws), statutes (e.g., in Titles 10, 18, 32, 50 in U.S. Code), Presidential Directives, executive branch guidelines, and/or administrative/criminal legal guidelines and procedures relevant to work performed
• Knowledge of current and emerging cyber technologies
• Evaluates a system's compliance with information technology (IT) security, resilience, and dependability requirements
• Knowledge of computer networking concepts and protocols, and network security methodologies
• Ability to develop policy, plans, and strategy in compliance with laws, regulations, policies, and standards in support of organizational cyber activities
• Assesses the effectiveness of NIST 800-171/CMMC security controls
• Designs/integrates a cyber strategy that outlines the vision, mission, and goals that align with the organization’s strategic plan.
• Drafts, staffs, and publishes cyber policy
• Develops methods to monitor and measure risk, compliance, and assurance efforts
• Develops specifications to ensure risk, compliance, and assurance efforts conform with security, resilience, and dependability requirements at the software application, system, and network environment level
• Drafts statements of preliminary or residual security risks for system operation.
• Maintains information systems assurance and accreditation materials
• Performs security reviews, identifies gaps in security architecture, and develops a security risk management plan
• Performs security reviews and identify security gaps in security architecture resulting in recommendations for inclusion in the risk mitigation strategy
• Performs risk analysis (e.g., threat, vulnerability, and probability of occurrence) whenever an application or system undergoes a major change
• Plans and conducts security authorization reviews and assurance case development for initial installation of systems and networks
• Verifies that application software/network/system security postures are implemented as stated, documents deviations, and recommends required actions to correct those deviations
• Assesses policy needs and collaborates with stakeholders to develop policies to govern cyber activities
• Monitors the rigorous application of cyber policies, principles, and practices in the delivery of planning and management services
• Provides policy guidance to cyber management, staff, and users
• Reviews, conducts, or participates in audits of cyber programs and projects
• Supports the CIO in the formulation of cyber-related policies
• Interprets and applies applicable laws, statutes, and regulatory documents and integrate into policy
• Promotes awareness of cyber policy and strategy as appropriate among management and ensure sound principles are reflected in the organization’s mission, vision, and goals
• Knowledge of risk management processes (e.g., methods for assessing and mitigating risk)
• Knowledge of emerging technologies that have potential for exploitation by adversaries
• Knowledge of national and international laws, regulations, policies, and ethics as they relate to cybersecurity
• Knowledge of specific operational impacts of cybersecurity lapses
• Ability to leverage best practices and lessons learned of external organizations and academic institutions dealing with cyber issues
• Serves as a member of the consulting group’s management team
• Supervises, develops, and trains associates and senior associates
• Reviews and evaluates work prepared by associates and senior associates
• Trains associates and senior associates on how to use current software tools and Industry Specialty Services methodology
• Schedules and supervises workload of associates and senior associates
• Provides verbal and written performance feedback to associates and senior associates
• Acts as a Career Advisor to associates and senior associates Skills
• Bachelor’s degree in Cybersecurity, Information Assurance, Information Technology, Software Engineering, Information Systems, Computer Science, Computer Engineering or other relevant field
• 5 or more years of relevant experience including experience in Cybersecurity, information assurance, information technology, software engineering, information systems, computer science, computer engineering
• One (1) or more certifications: Security +, CISSP, CISM, CEH, CHFI, CySA +, CCNA Security, CAP, CNDA, CMMC Registered Practitioner, CMMC Certified Assessor
• Familiar with Firewal

Apply tot his job Apply To this Job