Cyber Security Risk Expert IV

Cyber Security Risk Expert IV
• PlanIT Group, LLC

Design, administer, and execute procedures for the identification, assessment, documentation, and communication of risks that could compromise data and operations stemming from weaknesses in technology platforms, solution architectures, governance processes, and security capabilities, against industry standards and best practices. Provide recommendations to improve and sustain the security of the enterprise's data and operations and document the organizational risk response plan (accept, mitigate, transfer, or avoid).

Monitor, report on, and validate the status and efficacy of risk mitigation, transfer, or avoidance plans.

• Demonstrate expert‑level knowledge and proficiency with Service Now (SNow) Vulnerability Response (VR) and associated modules, including but not limited to primary skills, abilities, and knowledge.
• General:
  Deep understanding of SNow platform's core functionalities and components, including forms, MID servers, tables, dashboards and access control lists (ACLs).
• Scripting:
  Proficiency in rules and scripting (e.g., JavaScript) adequate to develop, test, and deploy.
• Integrations:
  Proficiency to develop and troubleshoot VR integrations, including knowledge of APIs and Service Graph connectors.
• Dashboarding:
  Proficiency in designing and developing VR‑focused dashboards and reports.
• Design and administer procedures within the organization to sustain the security of the organization's data and access to its technology and communication systems.
• Assess the risk of exposure of proprietary data through weaknesses in platforms, access procedures, and forms of access to the organization's systems and data contained within.
• Ability to review, collate, understand, and present data, from various sources, to meet the remediation needs and expectations of the organization.
• Knowledge of automation coding, to automate data extrapolation, organization, and dissemination, to meet the needs of the organization.
• Ability to review, investigate, and assign cybersecurity vulnerabilities, for a variety of applications, systems, and hardware, including cloud computing.
• Manage several projects/initiatives of various sizes, complexities, and risks.
• Demonstrated proficiency in successfully evaluating and supporting documentation, validation, and remediation processes required to ensure new and existing IT systems meet the organization's vulnerability remediation expectations and requirements.
• Demonstrated ability to review and understand security blueprints, principles, models, designs, standards, and guidelines to ensure enterprise cybersecurity remediation support is consistent and beneficial to the organization.
• Experience with vulnerability remediation and remediation processes and efforts, as well as remediation tools.
• Ability to serve as subject matter expert (SME) for the VRM process, including providing guidance to stakeholders, business units, and new CISO resources, as necessary.
• Strong organizational skills and ability to build and maintain schedules and step‑by‑step action plans.
• Effective communication and collaboration skills to work with cross‑functional teams, business units, stakeholders, and IT professionals, and to conduct presentations to varying audiences and technical knowledge levels.

• A minimum of thirteen (13) to twenty (20) years of relevant experience.
• A degree from an accredited college or university in the applicable field of services is preferred. Four additional years of relevant experience may substitute for a college degree. If the individual’s degree is not in the applicable field, four additional years of related experience is required.
• Works on high‑visibility, or mission‑critical aspects of a given program, and performs all functional duties independently.
• Oversees the efforts of direct reporting resources and/or is responsible for the efforts of all staff assigned to a specific job.
• Note:
  
  Special credentials (licenses and/or certifications) may be required at the Task Order level on a case‑specific basis.

• Mid‑Senior level

• Contract

• Information Technology
• Industries:
  Defense and Space Manufacturing, Software Development, and Armed Forces

Location:

St. Paul, MN (Rate: $‑$) & St. Louis Park, MN (Rate: $‑$)