Project Manager -PM23-01900

Position: Project Manager
Location: New York, NY
Duration: 6 Months

Summary of the Position:

• Client's IT is a unit under the Executive Office for Administration & Finance (Client) and is overseen by the Client's IT Chief Information Officer (Client CIO).
• Client's IT is comprised of over 200 employees working on IT systems and applications for 22 various Client agencies, to include the Department of Revenue (DOR) which manages Commonwealth taxes and child support.
• Client's IT is looking to fill the role of Cybersecurity Analyst/Project Manager with an consultant that will report directly to the Client's IT Chief Information Security Officer (CISO).
• This individual will be responsible for designing, building and driving aspects of the information security program.
• They will work closely with a broad range of constituents, serving as a subject matter expert on various projects and managing several programs.
• The successful candidate will be part of team responsible for enhancing the maturity and effectiveness of the DOR Information Security program, and adapting it for broader applicability to Client's IT.

Primary Responsibilities:

• Build and manage the Cybersecurity Risk Management function.
• Establish and maintain policies and standards.
• Determine current state of cybersecurity controls through interviews and evidence.
• Document where controls do not meet policy or regulatory requirements.
• Work with technology owners to define and plan control enhancements efforts to reduce risk and satisfy regulatory requirements.
• Create technology roadmaps to illustrate current state and the path to our desired state.
• Support Cybersecurity governance through reporting and tracking of projects for broader awareness.
• Participate in the third-party assessment process.
• Conduct risk assessments.
• Facilitate and manage external audits.
• Required Education, Skills and Competencies
• Working knowledge of NIST 800-53 or how to work with cybersecurity frameworks in general.
• Breadth of knowledge on cybersecurity controls.
• Ability to organize and structure large amounts of information to facilitate programs, processes and compliance.
• Program management
• Strong analytical skills.
• Ability to organize and run effective meetings.
• Strong analytical and communication skills.
• Interpersonal skills to develop strong collaborative working relationships with a broad range of constituents.
• Excellent written and verbal communication skills.
• Exceptional attention to detail.
• Interest in and ability to interact effectively with diverse groups of people.
• Great problem-solving and decision-making skills.
• Ability to work independently and with minimal supervision.
• Ability to be discrete and keep sensitive information confidential.