Serves as the subject matter expert for all things security-related across the Ntiva client base. Supports vCIO and vCISO engagements, writes plans, performs gap assessments, defines roadmaps to success, and helps SAs quantify them in actionable projects. Leads incident response and remediation actions as needed.
Duties and Responsibilities:
- Develop appropriate documentation as required to support compliance efforts to include:
  - System Security Plans, POAMs, and DOD Assessments
  - CMMC Gap Assessments
  - HIPAA/HITRUST and related documentation
  - ISO 2700x and 2000x
  - FINRA/SEC checklists
- Provide strategic technical leadership and consulting to departments and staff with an emphasis on security-related issues.
- Direct projects related to cybersecurity, evaluate and recommend cyber tools, and educate staff on cyber impacts to business operation.
- Address compliance requirements and methods of implementing tools and processes to reach compliance.
- Review existing and recommend future cyber policies, tools, and procedures.
- Learn the client’s industry as well as the organization’s workflow, culture, and strategic goals.
- Reduce risk associated with IT by providing counsel on cybersecurity issues.
- Deliver company-wide communication and presentations on IT policies and initiatives.
- Cultivate trusted and productive partnerships with client leadership and staff.
- Formulate IT budgets and financial projections, manage and report against the budget, and manage technology purchasing.
- Assist with security-related incident identification, response, and remediation.
- Assist with high-level technology crisis management and prioritization.
- Implement and maintain appropriate disaster recovery and business continuity plans, practices, and procedures for IT and networks.
- Meet regularly with stakeholders to ensure satisfaction with current work and plan for future growth.
Characteristics of Ideal Candidate
- Must thrive in a rapidly changing environment
- Ability to coach clients and co-workers in security standards, requirements, processes, and technologies
- Must be flexible and able to work across a wide range of client industries
- Comfortable in the C-suite, the LAN room, and out with the staff; able to communicate with all levels of an organization
- Able to inspire confidence and trust quickly regardless of the industry or your past experience
- Comfortable delivering all types of presentations, from brown bag lunches to decision briefs on long-term projects
- DOD 8570 IAM Level II qualifying certification required.
- Must be willing to achieve DOD 8570 IAM Level III qualifying certification within 12 months of hire
- CMMC-AB RP before date of hire
- 10 plus years of experience in network systems, Windows, Linux, Mac environments, and O365 to include cloud migrations and hybrid environments
- Experience with a broad range of firewall and VPN appliances to include Cisco Meraki, WatchGuard, and SonicWall
- Experience with O365 Security and Compliance Center
- Familiarity with Azure AD and Intune
- Experience with hybrid AD environments to include ADFS