Cybersecurity Contractor

Role Summary

As a Cybersecurity Contractor for Axiom Technology Group, you will be a crucial support to the project team, ensuring the robust security and integrity of information systems and data. This role requires over 14 years of experience and is responsible for conducting comprehensive security assessments, vulnerability analyses, and implementing advanced cybersecurity measures. You will monitor and respond to security incidents, develop policies, and collaborate with stakeholders to embed best practices throughout projects.

Core Responsibilities

• Conduct security assessments and vulnerability analyses to identify potential risks.
• Implement and maintain cybersecurity measures, including firewalls, encryption, and intrusion detection systems.
• Monitor and respond to security incidents and breaches, providing timely resolution.
• Develop and update security policies, procedures, and documentation to ensure compliance with industry standards.
• Collaborate with stakeholders to ensure cybersecurity best practices are integrated into all aspects of the project.

Information Technology Services (ITS) Cyber Security, Risk & Compliance (CSRC) Support

This position specifically supports ITS Cyber Security, Risk & Compliance programs, focusing on risk management, compliance management, third-party risk assessments, and security awareness. You will be responsible for understanding and assessing security, confidentiality/privacy, and operational risks associated with third-party provider solutions, ensuring adherence to relevant laws, regulations, and industry security standards.

Specific Duties Include

• Conduct information security assessments of third-party vendors to determine their ability to protect confidential data.
• Enhance risk/vulnerability assessment programs and questionnaires to aid in the identification and mitigation of security risks.
• Identify and document information security vulnerabilities and risks in the information technology environment.
• Evaluate identified vulnerabilities and risks, working with business owners, risk management, and vendor representatives.
• Identify tasks necessary to remediate identified vendor risks and vulnerabilities; negotiate dates for remediation to be complete.
• Track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to constituents.
• Monitor appropriate sources for newly identified vulnerabilities, evaluate the risk such vulnerabilities pose to the organization's information and systems, and advise management of appropriate measures.
• Monitor appropriate industry sources to maintain awareness of new security tools and techniques and research those that can improve the organization's protection capabilities.
• Maintain expertise in identifying security risks in the hardware, software, and systems used by the organization.
• Participate in continuing education, seminars, and professional organizations to remain current on developments in the information security profession.
• Ensure that identified risks are managed in accordance with the Risk Management program.

Key Skills/Competency

• Cybersecurity
• Risk Management
• Compliance Management
• Vulnerability Analysis
• Third-Party Risk Assessments
• Security Assessments
• Incident Response
• Security Policies
• Intrusion Detection Systems
• Encryption & Firewalls