Minimum education and experience:
- Master's degree or the equivalent in Computer Science, Information Technology, Engineering, or a related field OR Bachelor's degree or the equivalent in Computer Science, Information Technology, Engineering, or a related field plus 2 years of experience in information technology or related experience.
Skills required:
- Must have experience with: Cybersecurity principles of confidentiality, integrity, availability; cybersecurity practices to govern, protect, detect and respond to security risks; implementing security standards with a focus on risk assessment and management; Conducting comprehensive risk analyses, including identifying, assessing, and prioritizing cybersecurity risks; Assessing and managing cybersecurity risks associated with third-party vendors and suppliers; Security controls across domains, including access control, network security, incident response, and physical security; Documentation and report-writing to communicate assessment findings, risk assessments, and mitigation recommendations; Standardizing security controls and assessment criteria for consistency and comparability; business processes and the ability to align cybersecurity and governance efforts with organizational goals; cybersecurity regulations and standards relevant to the organization, such as NIST, HIPAA, PCI, or ISO; and secure software development practices, including code review, application scanning, and secure coding techniques.
Employer will accept any amount of experience with the required skills.