Security - (SRCO) Manager (PCI-DSS/SOC2 assessment, GRC tools)

12 Feb 2025

Vacancy expired!

Note: Please reply ONLY if you:

1) can work 100% on-site from day one, have all of the required skill set, and have worked as a "Security Risk and Compliance Office (SRCO) Manager (PCI-DSS/SOC2 assessment, GRC tools)" in a large & complex IT environment.
2) can meet the minimum required experience as defined under the MANDATORY skill.
3) can provide at least 3 verifiable experiences from completed and/or substantially completed jobs that closely match this request, and fill out a Skill Matrix and Resume Certification Form.
4) can go through a background check including fingerprinting, and agree to an MS Teams interview.
5) have a competitive rate.
6) will be available in the Mar 2023 timeframe, as the start date after a successful interview takes a minimum of 2-3 weeks.

US citizens and those authorized to work in the US are encouraged to apply. We are unable to sponsor H1b candidates at this time.

NOTE: GIS will utilize the U.S. Department of Homeland Security's E-Verify system to verify the employment eligibility of all persons employed during the term of the Contract.

Note to Consulting Companies : ANY CONSULTANT’S RESUME YOU SEND ME “MUST” BE ON YOUR COMPANY’S PAYROLL, NO H1-VISA TRANSFER, NO PRO-MARKETING, NO SISTER COMPANY RESUMES. The resume should have the DIRECT contact info and email of the candidate otherwise the candidate will NOT be considered.

ALL H1 candidates including those on WOULD need to provide I-797 + DL Copy (no exceptions).

Each staff member assigned to this project must have a background screening that is equivalent to a Level Two (2) screening standard.

This is a fixed fee/hourly based project which is inclusive of travel, lodging, per diem expenses and all other costs associated with the completion of the associated tasks.

Interviews: In the event an interview is requested, interviews may be conducted remotely via Microsoft Teams. A phone interview may also be requested as a first step.

Telecommuting:

Telecommuting is not allowed.

Purpose:

This position reports to the Security Risk and Compliance Office (SRCO) Manager, Information Technology Office of the Client. The candidate will have hands-on experience performing PCI-DSS assessment, SOC2 Type1 and Type2 audits, developing KPI and reporting matrix, and formulating cost-benefit analysis to help align SRCO and Network Operations technology solutions with business initiatives and delivery. The candidate will also have a good understanding of Network and Security technology solutions and be able to articulate them to meet current and future FTE’s Information Technology and business initiatives.

Requirements:

Education:

- Bachelor's degree or equivalent experience

Experience:

- Must have 5 to 7 years hands-on experience in performing PCI-DSS assessment.
- Must have 4 to 6 years hands-on experience with SOC2, Type1, and Type 2 assessment.
- Strong experience with managing and organizing Security Incident Response Team (SIRT) activities.
- Must have 5 to 7 years of experience using GRC tools such as Archer and ServiceNow.
- Must have 3 to 4 years hands-on experience in performing IT business processes and cost-benefit analysis.
- Must have strong presentation and written communication skills.
- Strong working knowledge of Excel, Visio, MS-Word, and developing PowerPoint presentations.
- Have a good understanding of Information Technology tools and technology supporting overall IT organization and business.

Certification:

- Certified Information Security Manager (CISM) preferred.

Responsibilities:

- Work with SRCO and Network Operations team to develop and maintain a comprehensive list of Information Security and Network Operations hardware deployment in FTE’s data centers and roadside sites.
- Maintain and enhance SRCO and Network Operations software and tools to identify licensure, including annual renewals. Work with the TDC procurement team to explore opportunities for consolidating renewals.
- Develop and maintain Department’s KPI and create monthly and quarterly reporting for the leadership.
- Perform annual review and ad hoc changes in Information Security Policies and ensure compliance with Florida State Statutes, FDOT, PCI-DSS, and industry best practices.
- Perform annual PCI assessment for the Department, including coordination with internal teams and third party vendors. Ensure that reporting requirements meet the established timeline.
- Coordinate and perform Department’s SOC2 assessment. This includes coordination with both the internal teams and external parties to obtain documentation and ensure that established timelines are met.
- Assist Department with annual and ad hoc audits for compliance with State of Florida statutes and established compliance requirements.
- Assist with managing supply chain oversight, including establishing, maintaining, and performing a risk assessment. Develop risk matrix and management reporting.
- Manage vulnerability program to ensure remediation based on established Service Level Agreements, including PCI-DSS and Cybersecurity Frameworks. Develop management reporting.
- Assist the SIRT team in formulating testing schedules, conducting tabletop exercises, and facilitating lessons learned workshops and management reports.

Incumbent may be required to work before, during and/or beyond normal work hours or days in the event of an emergency. Emergency duty required of the incumbent includes working in special needs or Red Cross shelters, or performing other emergency duties including, but not limited to, responses to or threats involving any disaster or threat of disaster, man-made or natural.

"When replying please make sure to list your (All Inclusive) Compensation requirements"

Note: This is a Full time ON SITE Contract Position

Start date: March 2023

- No phone calls please.
- Locals preferred.
- ONLY candidates with an exact match will be contacted.
- No relocation assistance provided.
- Candidates should be authorized to work in the US.

  • ID: #49156087
  • State: Florida Bocaraton 33427 Bocaraton USA
  • City: Bocaraton
  • Salary: Depends on Experience
  • Job type: Contract
  • Showed: 2023-02-12
  • Deadline: 2023-04-11
  • Category: Et cetera