Overview
On Site
120k - 150k
Full Time
Skills
Attention to detail
Information security
Software development
NIST SP 800 Series
ISO/IEC 27001:2005
Compliance management
International sales
Cyber security
Risk assessment
Network security
Software security
Identity management
Incident management
Computer science
Information Technology
Information systems
Regulatory Compliance
System on a chip
NERC
Leadership
Documentation
SaaS
Collaboration
Energy
Storage
Optimization
Auditing
Policies
Operations
Computer hardware
Cloud computing
Management
FOCUS
Encryption
CISSP
CISA
CISM
ISACA
SAP BASIS
Job Details
Information Security Risk Specialist
This company is seeking a Security and Compliance Specialist to join their expanding software team at their software development center. In this position, you'll concentrate on guaranteeing their adherence to industry-standard security frameworks (such as IEC 62443, SOC 2, NERC CIP/NIST-800, ISO 27001) while also providing guidance to their development team on security matters.
The company is located in Herndon, VA and the candidate will need to come on site 1 day a week.
What You Will Be Doing:
Lead the cybersecurity compliance and documentation initiatives pertaining to their Operational Technology (OT) products for power plants.
Serve as the subject matter expert (SME) for all aspects of security compliance, including adherence to IEC 62443 & SOC 2 standards.
Provide recommendations on tools, whether self-hosted or SaaS-based, to facilitate compliance management and assist in monitoring their findings, enhancing cybersecurity posture.
Collaborate closely with technical teams across the Energy Storage & Optimization organization to support compliance-related projects.
Conduct internal audits, evaluate compliance discrepancies, and devise remediation strategies to rectify shortcomings.
Collaborate with global sales teams to analyze and address regional cybersecurity standards, documenting how their products align with them.
Formulate security policies, standards, and guidelines for software development and operations teams to adhere to regarding security compliance.
Stay abreast of evolving cyber security requirements and assist in ensuring the adherence to them.
Assist in refining the Software Development Lifecycle to ensure ongoing security compliance.
Required Skills & Experience:
Proven track record in implementing, auditing, or maintaining compliance with industry-standard frameworks. A minimum of five years of practical experience in cybersecurity, information security, or compliance roles is highly preferred.
Comprehensive understanding and experience with computer software and hardware, spanning both on-premises and cloud environments.
Demonstrated expertise in risk assessment, management, and mitigation strategies, with a focus on identifying and addressing potential security threats and vulnerabilities.
Meticulous attention to detail in documenting and tracking the company's adherence to customer cybersecurity requirements, particularly in OT environments.
Proficiency across various technical domains, including network security, application security, encryption technologies, identity and access management, and security incident response.
Ability to thrive in a fast-paced, dynamic, and highly technical environment.
Eagerness to stay abreast of the latest trends, technologies, and best practices as the field of cybersecurity continues to evolve.
Desired Skills & Experience:
A bachelor's degree in computer science, information technology, cyber security, a related field, or equivalent combination of education & experience.
Advanced degrees or certifications such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are beneficial.
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn't provide sponsorship.
This company is seeking a Security and Compliance Specialist to join their expanding software team at their software development center. In this position, you'll concentrate on guaranteeing their adherence to industry-standard security frameworks (such as IEC 62443, SOC 2, NERC CIP/NIST-800, ISO 27001) while also providing guidance to their development team on security matters.
The company is located in Herndon, VA and the candidate will need to come on site 1 day a week.
What You Will Be Doing:
Lead the cybersecurity compliance and documentation initiatives pertaining to their Operational Technology (OT) products for power plants.
Serve as the subject matter expert (SME) for all aspects of security compliance, including adherence to IEC 62443 & SOC 2 standards.
Provide recommendations on tools, whether self-hosted or SaaS-based, to facilitate compliance management and assist in monitoring their findings, enhancing cybersecurity posture.
Collaborate closely with technical teams across the Energy Storage & Optimization organization to support compliance-related projects.
Conduct internal audits, evaluate compliance discrepancies, and devise remediation strategies to rectify shortcomings.
Collaborate with global sales teams to analyze and address regional cybersecurity standards, documenting how their products align with them.
Formulate security policies, standards, and guidelines for software development and operations teams to adhere to regarding security compliance.
Stay abreast of evolving cyber security requirements and assist in ensuring the adherence to them.
Assist in refining the Software Development Lifecycle to ensure ongoing security compliance.
Required Skills & Experience:
Proven track record in implementing, auditing, or maintaining compliance with industry-standard frameworks. A minimum of five years of practical experience in cybersecurity, information security, or compliance roles is highly preferred.
Comprehensive understanding and experience with computer software and hardware, spanning both on-premises and cloud environments.
Demonstrated expertise in risk assessment, management, and mitigation strategies, with a focus on identifying and addressing potential security threats and vulnerabilities.
Meticulous attention to detail in documenting and tracking the company's adherence to customer cybersecurity requirements, particularly in OT environments.
Proficiency across various technical domains, including network security, application security, encryption technologies, identity and access management, and security incident response.
Ability to thrive in a fast-paced, dynamic, and highly technical environment.
Eagerness to stay abreast of the latest trends, technologies, and best practices as the field of cybersecurity continues to evolve.
Desired Skills & Experience:
A bachelor's degree in computer science, information technology, cyber security, a related field, or equivalent combination of education & experience.
Advanced degrees or certifications such as CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), or CRISC (Certified in Risk and Information Systems Control) are beneficial.
Applicants must be currently authorized to work in the United States on a full-time basis now and in the future.
This position doesn't provide sponsorship.