Cyber Security Controls Assessor
Hybrid in Oakland, CA, US • Posted 4 hours ago • Updated 4 hours ago

Verism Systems
Job Details
Skills
- Cyber Security
- general computing controls (GCCs)
- complex control gaps
- IT Audit
- ITIL
- SOX
- NERC/CIP
- Controls assessment
- (NIST) SP800-53 security controls catalog
- IT security
- IT risk management
- Auditor
- security controls
- IT Compliance
- security framework
- IT assessment process
- COBIT
- Business Process
- Auditing
- Cisco Certifications
- CISA
- CISM
- CISSP
- Certified Ethical Hacker
- Microsoft Excel
Summary
MUST BE LOCAL TO SAN FRANCISCO, CA
MUST HAVE SKILLS:
- Deep understanding of security framework and IT assessment process; detail oriented
The Cyber Security Controls Assessment family is responsible for the assessment, verification, review, and audit of General Computer Controls across the enterprise. The Cyber Security Controls Assessor (Assessor) will be responsible for assessments that require review and evaluation of IT and/or business systems and processes for compliance with defined regulatory standards, internal processes, and procedures. Additionally, the Assessor will be responsible for the identification of risks, evaluation of control deficiencies, and recommendation of remediation efforts consistent with IT organizational policies, standards, procedures, and regulatory requirements.
Duties and Responsibilities
- Perform multi-platform (application, database, operating system, middleware, monitoring tools, and business processes) level assessments based on predefined test objectives and test plans.
- Perform retest of controls that have been remediated or updated as a result of previously identified deficiencies.
- Obtain, review, and interpret evidence provided to validate controls are performed effectively.
- Execute and report on results of IT Compliance assessments in accordance with industry best practices and established regulatory standards and requirements (e.g., NIST SP800-53, SP800-115, SOX, NERC CIP).
- Obtain, review, and interpret organizational IT policies, standards and procedures to identify control points that would assist in mitigating risk to the business.
- Review test results or interpret evidence to address vulnerabilities, gaps, or control deficiencies; work with stakeholders to establish plans for sustainable resolution.
- Identify risks associated with control failures and support the identification of mitigating controls.
- Partner with control owners to ensure control documentation is updated periodically to reflect the current control environment.
- Perform other tasks as necessary to ensure that the Compliance meets its commitments to customers.
- Support the Compliance Sr. Manager/Manager as needed.
Qualifications
- BA/BS in Computer Science, Business, or equivalent experience.
- Minimum of 3 years of general IT experience, including IT security or IT risk management experience
- Experience using Excel worksheets, workbooks, and formulas
- Experience managing multiple projects with conflicting priorities
Desired Experience
- Utility Industry Experience
- Big 4 experience
- Demonstrated experience with Sarbanes Oxley or National Institute of Standards and Technology (NIST) SP800-53 security controls catalog.
Minimum Required License / Certification: At least one existing certification from the following list, which must be currently maintained and valid:
- Cisco Certified Networking Associate (CCNA)
- Certified Information Systems Auditor (CISA)
- Certified in Risk and Information System Control (CRISC)
- Certified Internal Auditor (CIA)
- Certified Information Systems Security Professional (CISSP)
Desired License / Certification:
One or more current and valid certifications directly applicable or complementary to the role and area of expertise, including those listed above, as well as:
- Certified Ethical Hacker (CEH)
- Information Technology Infrastructure Library (ITIL)
- Microsoft Certified Professional/Security Engineer (MCP, MCSE)
- Cisco Certified Network Associate/Professional (CCNA, CCNP)
- Certified Information Security Manager (CISM)
- Project Management Professional (PMP).
Knowledge, Skills, and Abilities
- Strong oral and written communication skills
- Strong analytical skills
- Understanding of application, database, network and systems security
- Understanding of general computing controls (GCCs)
- Able to identify complex control gaps
- Understanding of generally applicable and accepted auditing standards and frameworks (e.g., COBIT), best practices for IT services management (e.g., ITIL), and regulatory standards and requirements (e.g., Sarbanes Oxley Act, NERC/CIP)
- Excellent planning, organizational, and project management skills
- Able to multi-task projects or assessments
- Ability to work with minimal supervision in a fast-paced environment
- Detail oriented
- Dice Id: 10123692
- Position Id: 8869483
Company Info
About Verism Systems
Our Mission: To optimize, integrate, and manage our clients' software and IT framework to enable them to use their business data for maximizing performance and the ROI from IT investments.
Our superior capability to combine system integration expertise and experience from implementations is complemented by our commitment to our clients. This allows us to create and implement customized solutions that will help us achieve our mission, fueling our clients' success.
Founded in 2005, Verism Systems is an IT consulting & staffing firm that strives and specializes in helping our clients realize the benefits of an integrated Enterprise. Our company enjoys the leadership of its visionary principals and the commitment of the brightest experts in the IT industry. Verism Systems also capitalizes on mutually beneficial partnerships with major industry players.
We leverage all these assets to enhance the IT framework & efficiency of many Fortune 500 companies and large technology consulting firms across the US. Verism Systems was established with the objective of being a seamless extension of the client's IT organization, and we have grown exceedingly efficient at it.
At Verism Systems we are in a state of perpetual improvement, enhancing our capabilities for adding more value to our clients. Flexibility and agility in the alignment of business and technology is crucial for success. We not only maintain this alignment within Verism Systems, but work hard to help our clients achieve it as well.
Verism Systems is an enterprise that deeply values quality human resources. Our focus on the people in our organization is one of the prime reasons for our success. We attract, maintain and develop the top industry talent, a rare feat that we help our clients achieve as part of our solutions. Verism's IT experts are highly motivated professionals who pursue & enjoy exposure to new technologies in a variety of industries, a quality that invariably results in the best IT consulting & staffing solutions for our clients.
Companies face escalating challenges to optimize technology solutions for almost all business functions. Through our world-class IT consulting & staffing solutions, Verism Systems successfully helps its Fortune 500 clients improve their operational efficiency by improving their decision-making and enhancing their customer experience. As we help clients re-examine how to best leverage ERP solutions within their unique enterprise infrastructure, the invariable result is measurable performance improvement, the real success we always aim for and achieve.
