Senior Security Advisor – Lead Control Assessor

🕒 Fevereiro 18

🌴 South Carolina – Remoto

🌴 South Carolina – Remote

⏰ Tempo Integral

🟠 Sênior

👮‍♂️ Cibersegurança / Engenheiro de Segurança

Candidatar-se

Encontrar Vagas Remotas Similares

Receber Emails de Vagas Remotas

📊 Verifique sua pontuação de currículo para esta vaga

Melhore suas chances de conseguir uma entrevista verificando sua pontuação de currículo antes de se candidatar.

Enviar Currículo

Soteria - Security Solutions & Advisory

SiteLinkedInTodas as Vagas

11 - 50 funcionários

🔒 Cibersegurança

📋 Conformidade

💰 $2.500.000 Venture Round em 2018-04

Cybersecurity • Compliance

A Soteria é uma organização focada no cliente que oferece soluções especializadas em consultoria e segurança sob medida para ajudar a prevenir e responder a incidentes de cibersegurança. Estabelecida em 2014 e sediada em Charleston, Carolina do Sul, a Soteria oferece uma gama de serviços, incluindo detecção e resposta gerenciada, monitoramento de domínios, resposta a incidentes, serviços de segurança ofensivos e avaliações de segurança. A empresa se orgulha de defender as empresas contra o cibercrime 24 horas por dia, 7 dias por semana, oferecendo soluções personalizadas que aprimoram as operações de segurança. A equipe da Soteria possui ampla experiência em diversas indústrias, governos estaduais e comunidades de inteligência federal, enfatizando a crença de que 'Segurança é para Todos'.

Descrição

• Lead and execute cybersecurity control assessments against a defined subset of key controls aligned to established frameworks (NIST SP 800-53 Rev. 5). • Assess control implementation status using standardized criteria and validation methodologies. (NIST SP 800-53A Rev. 5). • Test information systems using documentation review, system walk-throughs, and stakeholder interviews to assess the design and operating effectiveness of NIST SP 800-53 Rev. 5 security controls. • Apply consistent judgment to determine evidence sufficiency and appropriateness. • Lead planning, kickoff, execution coordination, and closeout activities for assigned assessment engagements. • Coordinate assessment activities and task assignments across Control Assessors to meet delivery timelines. • Serve as the primary point of contact for client stakeholders during assessment engagements. • Review and approve assessment narratives, findings, and control determinations prior to quality assurance submission. • Ensure assessments are executed consistently across multiple clients to support trend analysis and benchmarking. • Enforce adherence to defined assessment methodologies, scope boundaries, and validation standards. • Support quality assurance reviews by addressing feedback and ensuring accuracy, clarity, and consistency of deliverables. • Lead and participate in client interviews, system walkthroughs, and working sessions in a professional, structured manner. • Clearly communicate assessment scope, expectations, and evidence requirements to stakeholders. • Present assessment results, key findings, and risk implications to executive leadership and board-level stakeholders in a clear, concise, and professional manner. • Mentor and guide Control Assessors on assessment techniques, documentation standards, and professional judgment. • Escalate risks, issues, or control interpretation questions to program leadership as appropriate.

🎯 Requisitos

• 7+ years of industry experience in cybersecurity, information security, IT audit, or risk and compliance. • 2+ years of experience leading or performing cybersecurity control assessments or IT audits, with demonstrated responsibility for control testing and validation. • Bachelor’s degree in Information Security, Information Systems, Computer Science, or a related field, or equivalent professional experience. • Relevant professional certifications such as CISSP, CISM, CISA, CRISC , or equivalent strongly preferred. • Proven experience testing and evaluating security controls aligned to NIST SP 800-53 Rev. 5 and applying assessment procedures consistent with NIST SP 800-53A Rev. 5. • Experience executing repeatable, methodology-driven assessment programs across multiple organizations or systems. • Strong written and verbal communication skills, including experience presenting assessment results to executive and board-level audiences. • Maintains confidentiality and professionalism with sensitive client information.

🏖️ Benefícios

• Remote work flexibility • Professional development opportunities • Health insurance • Retirement plans