We have a client in the Houston area looking for a CyberSecurity specialist - direct hire. This will be a hybrid role with 3 days onsite in West Houston.
This critical role involves managing day-to-day IT Security operations, overseeing Security Incident Response, managing the 3rd party risk management program, coordinating with OT security team to address risks, and ensuring needs of the business and operations are addressed in a timely manner.
CISSP is a big plus; some GRC is also a plus.
Responsibilities
- Contribute to IT security vision, roadmap, and execution plan
- Oversee the day-to-day operational support of the IT Security team, including leading the weekly status meetings, handling and prioritizing help desk tickets, managing projects/deadlines/resources, and overseeing Incident Response
- Define/update/oversee IT Security policies/procedures/standards and drive enforcement
- Own and update the Cybersecurity framework and perform annual internal security assessments to determine posture. Also, develop a remediation plan and ensure completion
- Support the Head of IT Security in establishing overall enterprise information security architecture (EISA) with the organization's overall security strategy
- Support the Head of IT Security in advising senior management (e.g., Chief Information Officer, Executives, Board Members) on risk levels and security posture
- Provide on-call support, ensuring timely response in remediating critical incidents after hours and on weekends
- Actively identify, recommend, and implement cybersecurity and risk management technology solutions that ensure business needs are met while enhancing the organization's security posture, and maturing the cybersecurity function
Experience
- Minimum 10 years' total experience in an IT capacity, with at least 5 years in cyber security
- Ideally Big 4 or consulting experience
- Experience delivering cybersecurity and risk management information and analysis to leadership across the organization
- Familiar with security best practice standards such as NIST 800-53, ISO 27001, COBIT, OWASP, etc.
- Knowledge of cloud security principles, particularly in popular cloud platforms (e.g., AWS, Azure, GCP)
- Experience and working knowledge of Microsoft E5 Security suite (MDE, Intune, Purview)
- Strong MS Active Directory administration skills and experience