StamfordRecruiter Since 2001
the smart solution for Stamford jobs

IT Security Consultant

Company: Lovin
Location: Stamford
Posted on: March 20, 2023

Job Description:

*Job Title:* Consultant IT Security & Risk Management

*Job Location:* One Stamford Forum 201 Tresser Blvd, Stamford, CT USA 06901

*Duration:* 6 Months

*Shift:* 9AM - 5PM

*Assignment Description:*

*Consultant IT Security & Risk Management*

*Job Summary*

We are looking for a hands-on technical information security leader. This individual needs to understand the technical facets of information/cyber security, including security architecture, security engineering, risk management, governance, risk & compliance, and incident response, while having the leadership and project management skills necessary to effectively manage people.

*Primary responsibilities include:*

* Directing outsourced IT Security to execute information security projects and activities.
* Defining security requirements, including security policies, standards, plans, methodologies, and guidelines.
* Creating and executing project plans to ensure the timely execution of security projects.
* Reviewing the security of technologies, systems, networks, and applications.

*Areas of Responsibility:*

*IT Security & Risk Management's responsibilities span strategic, tactical, and operational activities, such as:*

* Strategic Support
* Security Liaison
* Security Architecture & Engineering Support
* Operational Support

*Strategic Support:*

* Work with the Director to develop an information security program and security projects that address identified risks and business security requirements in alignment with the risk tolerance of the organization.
* Manage the process of gathering, analyzing, and assessing information security threats.
* Partner with the Director to develop budget projections based on short- and long-term goals and objectives.
* Monitor and report on compliance with security policies and enforce security policies.
* Propose changes to existing policies and procedures to ensure the protection of Purdue systems, efficient operations, and regulatory compliance.
* Work with IT Security, IT, and business stakeholders to build metrics and reports that effectively communicate risks, progress, and areas of opportunity.

*Security Liaison:*

* Assist resource owners and IT staff in understanding and responding to reported security audit failures.
* Advocate information security with the organization and ensure that personnel are trained on information security best practices.
* Review the security of systems, networks, applications, and resources; identify risks; and provide security recommendations.
* Work with stakeholders to ensure that asset owners are identified, and systems are appropriately classified.
* Serve as an active and consistent participant in the information security governance process.
* Provide support and guidance for legal and regulatory compliance efforts, including audit support.
* Keep up-to-date with information security threats, risks, and vulnerabilities.
* Ensure that vulnerabilities are addressed in line with their criticality and agreed-upon SLAs.

*Security Architecture & Engineering Support:*

* Consult with IT and security staff to ensure that security is factored into the evaluation, selection, installation, and configuration of hardware, applications, and software.
* Recommend and coordinate the implementation of technical security controls.
* Research, evaluate, design, test, recommend, and plan the implementation of technical information security controls and analyze their impact on the existing environment.
* Direct the administration of security tools and controls.
* Work with IT to ensure that there is a convergence of business, technical, and security requirements.
* Proactively identify areas of improvement in technical security architecture and processes.

*Operational Support:*

* Create, develop, and execute KPIs, metrics, and reports.
* Manage outsourced vendors that provide information security functions for compliance with contracted service-level agreements.
* Manage the day-to-day activities of threat and vulnerability management & risk management including the recommended treatment plans, status, and residual risks.
* Manage security projects and provide expert guidance on security matters.
* Assist and guide the disaster recovery planning team in the selection of recovery strategies and the development, testing, and maintenance of these disaster recovery plans.
* Ensure audit trails, system logs and other monitoring data sources are reviewed periodically and are in compliance with policies and audit requirements.
* Design, coordinate and oversee security testing procedures to verify the security of systems, networks, and applications, and manage the remediation of identified risks.

*Education and Experience Requirements:*

* BS / MS / Equivalent Training and 8+ years of relevant experience.
* Experience managing a small team and outsourced IT personnel.
* Strong hands-on technical system and network security skills.
* Experience with information security governance, risk, and compliance.
* Professional certification, such as CISM or CISSP, is preferred.

*Necessary Knowledge, Skills, and Abilities:*

*IT Security & Risk Management must have the following:*

* Experience reviewing security architecture and defining security requirements.
* Management skills including experience managing outsourced personnel.
* Experience developing and maintaining policies, procedures, standards, and guidelines.
* Experience with common information security management frameworks, such as ISO 27001 and NIST.
* Familiarity with applicable legal and regulatory requirements, including, but not limited to, SOX, HIPAA, GDPR, and CCPA.
* Strong project management skills and experience in creating and managing project plans.
* Proficiency in performing risk, business impact, control, and vulnerability assessments, and in defining treatment strategies.
* Strong analytical skills to analyze security requirements and relate them to appropriate security controls.
* Ability to communicate with technical and non-technical stakeholders at all levels.
* Strong written and verbal communication skills.

Job Type: Contract

Salary: $75.00 - $85.00 per hour

* 8 hour shift

* Cybersecurity: 3 years (Preferred)
* Security Architecture: 1 year (Preferred)
* ISO 27001: 1 year (Preferred)

Work Location: On the road
