|Published||April 29, 2022|
Job Title: Cyber Security Specialist
Job Location: Tallahassee, FL
Job Duration: Long term contract in 6 month intervals
Proposed Staff Augmentation Position Title: Risk, Threat, and Compliance Analyst
Division: Information Security
Reporting to: Chief Information Security Officer
This position will provide the successful candidate an opportunity to level non-technical policy, compliance, governance, and program management skillsets to assist the City of Tallahassee Information Security Division complete its mission of securing the city's information technology resources. Candidates may have prior cybersecurity experience but may also demonstrate a willingness and desire to learn the tenants and skills required to perform as a vital member of a cybersecurity team. The successful candidate will leverage critical thinking, collaboration, written and verbal communications skills to perform various duties within the Information Security Division.
Analyze - Performs review and evaluation of incoming cybersecurity information to determine its usefulness for intelligence.
Oversee and Govern - Provides leadership, management, direction, or development and advocacy so the organization may effectively conduct cybersecurity work.
Risk Management - Oversees, evaluates, and supports the documentation, validation, assessment, and authorization processes necessary to assure that existing and new information technology (IT) systems meet the organization's cybersecurity and risk requirements. Ensures appropriate treatment of risk, compliance, and assurance from internal and external perspectives.
Training - Conducts training of personnel within pertinent subject domain. Develops, plans, coordinates, delivers and/or evaluates training courses, methods, and techniques as appropriate.
IT Risk Assessment: Responsible for coordinating technology risk assessments to identify risks and security control gaps based on the city's NIST CSF based cybersecurity standards. The position also assists other departments with specific compliance requirements, such as CJIS, NERC/FERC, PCI-DSS, etc.
Vendor Risk Program: Develops and maintains tools and processes for the assessment and monitoring of vendor risk. This includes risk assessment of cloud environments.
Risk Governance: Assists with the creation and maintenance of risk governance processes. This position will represent the Information Security Division for all risk governance matters in the CISO's absence.
Cybersecurity Awareness Program: Administers the city's cybersecurity training platforms, performing phishing assessments, coordination of cybersecurity training, and other matters related to the cybersecurity awareness program.
Cyber Intelligence: Leverage cyber intelligence sources to perform analysis of tool-based detections and observed threat activity on city computing resources.
Education: Bachelor's Degree preferred (Work experience may be substituted.)
Certification: Currently held cybersecurity certifications or willingness to pursue cybersecurity related certifications is preferred.
- Experience in compliance, risk assessment, privacy, intelligence analysis, program management, or awareness training programs.
- Experience with risk, intelligence, or compliance assessment methodologies.
- Experience producing high-quality documentation for varied audiences.
- Experience performing data analysis.
- Experience with basic tenants of project management.
- Experience using Microsoft Word and Excel
Digital Intelligence Systems, LLC (DISYS) is an Equal Opportunity Employer that recruits and hires qualified candidates without regard to race, religion, sex, sexual orientation, gender identity, age, national origin, ancestry, citizenship, disability, or veteran status.