CCM Consulting
Short Hills, NJ
Post Resume to
View Contact Details &
Apply for Job
Job Description :

Cybersecurity Senior Risk Analyst

Work Location: NYC

Hybrid: Work location (15 MTC, 16th Floor) & Remote Tuesdays & Fridays (3 days in office/2 days remote)

Duration: 2 Years

SCOPE OF SERVICES

TASKS:

  • Build new risk processes and implement risk frameworks to enable better monitoring and evaluation of risks across the City;
  • Manage complex, cross-functional projects, pushing through ambiguity and challenges which may arise;
  • Work with stakeholders across various divisions, soliciting input and working through feedback;
  • Evaluate risk of third parties used by New York City agencies;
  • Document and track remediation of risks in the Risk Register;
  • Review and analyze various cybersecurity risk cases, justification, and exceptions documents submitted by agencies;
  • Assist in the development of cybersecurity risk assessment procedures and testing methodologies based on established frameworks and guidelines;
  • Initiating corrective actions to remediate vulnerabilities or weaknesses where necessary;
  • Engage in communications with NYC Agencies;
  • Handle special projects and initiatives as assigned.

MANDATORY SKILLS/EXPERIENCE Note: Candidates who do not have the mandatory skills will not be considered

A minimum of 4 years of experience in risk management or cybersecurity risk assessment or 4 years of experience evaluating and managing third parties in a cybersecurity team.

DESIRABLE SKILLS/EXPERIENCE:

  • BS/BA degree in Cybersecurity, Risk Management, Information Systems, Computer Science, or a related field.
  • One or more of the following certifications are a plus:
    • Certified Information Systems Auditor (CISA)
    • Certified Information Systems Security Professional (CISSP)
    • Certified in Risk and Information Systems Control (CRISC)
    • Certified Information Security Manager (CISM)
    • CompTIA Security+
    • CompTIA Network+
    • CompTIA A+
    • CompTIA CySA+
    • Cisco Certified Network Associate - CCNA
    • CEH: Certified Ethical Hacker
    • GIAC Information Security Fundamentals (GISF)
    • GIAC Security Essentials (GSEC)
    • (ISC)2 Systems Security Certified Practitioner (SSCP)
  • Ability to work effectively in a team environment.
  • Being highly organized, motivated and a self-directed professional.
  • Knowledge of hardware, software, data, and network principles and systems related to Private and/or Public Sectors services.
  • Understanding of commonly used computer operating systems, databases, network structures.
  • Familiarity with cybersecurity framework(s) (NIST, SANS, PCI, ISO 27001/27002, or CIS)
  • Investigative and analytical skills.
  • Excellent oral and written communication skills;
  • Knowledge of the current and evolving cyber threat landscape;
  • Knowledge of laws, regulations, policies, and ethics related to cybersecurity and information privacy;

             

Similar Jobs you may be interested in ..