Cyber-Security Risk Expert

We have an exciting opportunity for a Cyber-Security Risk Expert to join our team. The selected candidate will be supporting our client’s Business Partner Cyber Security Risk Management. This resource will be working with the Third Party Cyber Risk Mgmt. team to Design and administer procedures in the organization that sustains the security of the organization’s data and access to its technology and communications systems. The Risk Expert will assess risk of exposure of proprietary data through weaknesses in platforms, access procedures, and forms of access to the organization’s systems and the data contained in them.

Required Experience/Skills:

· 5 years of experience in the security aspects of multiple platforms, operating systems, software, communications, and network protocols.

· Ability to actively lead and manage project update briefings, working sessions and stakeholder meetings

· Strong analytical/assessment capability (e.g., conducting cybersecurity gap analyses, risk assessments)

· Experience with systems engineering discipline

· Ability and proven experience to manage a Third Party Cyber Risk Management program

· Ability to work independently without direct supervision

· Knowledge of security frameworks - NIST 800-53, NIST 800-171, ISO 27001

· Knowledge of security audits/certifications: SOC 2 Type 2, ISO 27001, PCI-DSS

· Understanding of third party relationships

· Understanding basic procurement processes - SOW, RFP, contract terms and conditions

· Process oriented

· Strong organization and prioritization skills

· Program management skills

· Strong writing skills

· Knowledge of security best practices

Other Requirements:

· Candidates must either be US Citizens or Permanent Residents

· Candidates must have resided in the United States for the past 5 years

· Candidates must not have traveled outside of the United States for a combined total of 6 months or greater in the past 5 years

· This position requires successful completion of a background check, drug screen, and a credit check.

Desired Experience/Skills:

· One or more of the following certifications:

o CISSP, CCSK/CCSP, PMP and/or CISA certifications CRISC - Certified in Risk and Information Systems Control

· Familiarity with GRC and Third Party Risk solutions

Education: Bachelor degree in Information Technology/Computer Science/MIS, or related disciplines

Benefits: Full-time employees (permanent or contract employees who are employed for a term greater than 6 months) are eligible for benefits including time-off benefits, such as vacations and holidays, and insurance and other plan benefits.

Location: Falls Church, VA

About Us:

Bay State Computers, Inc. is a professional services firm and a leading provider of Information Technology (IT) services and products to the U.S. Federal Government and Industry. Bay State brings together experienced IT professionals and the latest state-of-the-art technology tools, practices, and products to support projects and task order requirements for our customers. For more information about Bay State visit our website and connect with us on LinkedIn.

Bay State Computers, Inc. is an Equal Opportunity/Affirmative Action Employer. All qualified candidates will receive consideration for this position regardless of race, color, creed, religion, national origin, age, sex, citizenship, ethnicity, veteran status, marital status, disability, or any other characteristic protected by applicable law.