Senior Security Advisor – Lead Control Assessor

🕒 3 months ago

🗣️🇺🇸🇬🇧 English required


Soteria - Security Solutions & Advisory

11 - 50 employees

🔒 Cybersecurity

📋 Compliance

💰 €2 500 000 Venture Round in 2018-04

Cybersecurity • Compliance

Soteria is a client-focused organization providing expert advice, consulting, and tailored security solutions to help prevent and respond to cybersecurity incidents. Established in 2014 and based in Charleston, South Carolina, Soteria offers a range of services including managed detection and response, domain monitoring, incident response, offensive security services, and security assessments. The company distinguishes itself by defending businesses against cybercrime 24/7 and delivering customized solutions that improve security operations. Soteria's team brings extensive experience from a variety of industries, state governments, and federal intelligence communities, underscoring the belief that 'security is for everyone.'

Description

• Lead and execute cybersecurity control assessments against a defined subset of key controls aligned to established frameworks (NIST SP 800-53 Rev. 5).
• Assess control implementation status using standardized criteria and validation methodologies (NIST SP 800-53A Rev. 5).
• Test information systems using documentation review, system walk-throughs, and stakeholder interviews to assess the design and operating effectiveness of NIST SP 800-53 Rev. 5 security controls.
• Apply consistent judgment to determine evidence sufficiency and appropriateness.
• Lead planning, kickoff, execution coordination, and closeout activities for assigned assessment engagements.
• Coordinate assessment activities and task assignments across Control Assessors to meet delivery timelines.
• Serve as the primary point of contact for client stakeholders during assessment engagements.
• Review and approve assessment narratives, findings, and control determinations prior to quality assurance submission.
• Ensure assessments are executed consistently across multiple clients to support trend analysis and benchmarking.
• Enforce adherence to defined assessment methodologies, scope boundaries, and validation standards.
• Support quality assurance reviews by addressing feedback and ensuring accuracy, clarity, and consistency of deliverables.
• Lead and participate in client interviews, system walkthroughs, and working sessions in a professional, structured manner.
• Clearly communicate assessment scope, expectations, and evidence requirements to stakeholders.
• Present assessment results, key findings, and risk implications to executive leadership and board-level stakeholders in a clear, concise, and professional manner.
• Mentor and guide Control Assessors on assessment techniques, documentation standards, and professional judgment.
• Escalate risks, issues, or control interpretation questions to program leadership as appropriate.

🎯 Requirements

• 7+ years of industry experience in cybersecurity, information security, IT audit, or risk and compliance.
• 2+ years of experience leading or performing cybersecurity control assessments or IT audits, with demonstrated responsibility for control testing and validation.
• Bachelor’s degree in Information Security, Information Systems, Computer Science, or a related field, or equivalent professional experience.
• Relevant professional certifications such as CISSP, CISM, CISA, CRISC, or equivalent strongly preferred.
• Proven experience testing and evaluating security controls aligned to NIST SP 800-53 Rev. 5 and applying assessment procedures consistent with NIST SP 800-53A Rev. 5.
• Experience executing repeatable, methodology-driven assessment programs across multiple organizations or systems.
• Strong written and verbal communication skills, including experience presenting assessment results to executive and board-level audiences.
• Maintains confidentiality and professionalism with sensitive client information.

🏖️ Benefits

• Remote work flexibility
• Professional development opportunities
• Health insurance
• Retirement plans
