Offer summary

Qualifications:

Bachelor's degree required, Strong knowledge in cybersecurity controls, Experience with regulatory frameworks like HIPAA, Key certifications such as CISSP or CISA preferred.

Key responsabilities:

Plan and execute cybersecurity assessments

Collaborate with teams to identify security risks

Job description

completed 4 year degree (no exceptions)
background/drug check required

Responsibilities:

Plan, schedule, and execute regular cybersecurity assessments of IT systems, processes, and security controls to ensure compliance with internal policies, industry standards (e.g., Enterprise Controls, NIST CSF, ISO 27001), and relevant regulatory frameworks (e.g., GDPR, HIPAA, etc.)
Assist with the design of cybersecurity controls and conduct regular testing of controls to verify their effectiveness. This includes reviewing configuration management, data protection mechanisms, access controls, incident response protocols, and more.
Conduct interviews with control owners and process stakeholders to design and test cybersecurity controls. Request, review, and test documentation to support control design and effectiveness.
Collaborate with other teams both within and outside of GCISO to identify and quantify cybersecurity gaps & risks.
Perform cybersecurity risk assessments using industry standard frameworks (i.e., NIST 800-30, etc.) to identify key assets, vulnerabilities, threats, and safeguards within the organization.
Document findings, recommendations, and remediation steps, and track progress on corrective actions.
Work closely with internal teams (e.g., IT, Privacy, Legal, Operations, the Business, etc.) to ensure compliance efforts are aligned with overall organizational goals.
Educate and advise stakeholders on compliance requirements and best practices to minimize security risks and ensure alignment with regulatory standards.

Strongly Preferred:

Strong leadership & communication skills
Robust knowledge and experience of cybersecurity control design, implementation, and maintenance
Previous experience within IT Audit, Compliance, and/or Cybersecurity
Previous experience with HIPAA Security, GDPR, NIST CSF, ISO 27001, etc.
Previous experience planning, executing, and following up on cybersecurity / regulatory audits o Key Cybersecurity and/or IT Audit certifications (i.e., CISSP, CISA, CRISC, HCISPP, etc.)
Experience using artificial intelligence (AI) at an enterprise level to increase efficiency within processes
Experience within process improvement initiatives o Strong analytical and problem-solving skills.
Excellent team coordination abilities.
Proven experience in process improvement or a related field.
Experience with training and knowledge management.
Ability to manage multiple tasks and prioritize effectively

Must Have: Audit Controls, Conducted HIPAA gap analysis, ISO 27001 Standard

Required profile