JOB TITLE: SVVP Security Development Consultant - SOC -2
Location: Brooklyn, NY
Hybrid - At least 3 days of onsite is expected
Duration - 3 years (+ 2 years extension option)
Tasks & Duties:
Objective:
· Responsible for developing and executing the Security Verification and Validation Program (SVVP).
· Scope:
· Leads the architecture and design of SVVP across the organization. Sets foundational processes, tools, and frameworks to ensure all future security controls can be validated consistently.
· Development of SVVP Framework:
· Develop and structure the SVVP framework for evaluating security controls across the full scope of the migration.
· Create guidelines for the verification and validation process to ensure security measures align with City-wide, State, and Federal standards.
· Identify all agency critical data assets, categorize data sensitivity levels for all the agency applications.
· Application of SOC 2 Readiness Criteria:
· Incorporate SOC 2 trust service criteria (security, availability, confidentiality, processing integrity, privacy) into the SVVP to ensure compliance during migration.
· Design and develop action plans to address SOC 2 gaps, ensuring adherence to security standards before, during, and after migration.
· Security Protocols and Mitigation Strategy:
· Develop protocols for evaluating network security, data protection, access controls, and incident response measures.
· Identify vulnerabilities and design mitigation strategies to address risks during migration phases.
· Launch and Execution of Validation Plan:
· Launch the SVVP execution phase, ensuring that security validation occurs at each migration stage.
· Activate validation checkpoints across planning, design, implementation, testing, and operational readiness.
Never miss an opportunity! Create an alert based on the job you applied for.
