Information Security Officer SME

INFORMATION SECURITY OFFICER - SME

ALTA IT Services is working on a forward-looking effort to staff 10 Senior Information Security Officer roles, supporting a state program. These positions will be contract to hire and are expected to start in mid-November 2024. The location is 100% onsite in Crownsville, MD.

The primary duties involve overseeing the daily operations of ISO-related projects and processes, planning and scheduling service delivery and adoption, identifying opportunities for the development of new services within their assigned organizations.

DUTIES AND RESPONSIBILITIES:

• Develop and maintain metrics to track adoption rates and regularly assess and enhance security controls, conducting assessments and evaluations to ensure effectiveness and compliance with established standards.
• Review and implement security policies to ensure compliance with regulatory requirements and
  organizational standards.
• Conduct thorough reviews of vulnerability data, coordinating with stakeholders to prioritize and address identified vulnerabilities effectively.
• Actively participate in Authorization to Operate (ATO) assessments, contributing expertise to ensure systems meet security requirements for operation.
• Collaborate with cross-functional teams to develop and enhance security protocols and procedures for seamless integration and utilization.
• Regularly report on adoption rates and identify areas for improvement.
• Monitor security systems to detect and respond to potential threats.
• Act as the primary point of contact for ISO agency-related inquiries and engagements.
• Monitor progress against established plans and adjust as necessary.
• Develop strategic plans and roadmaps for service delivery.
• Implement measures to address identified vulnerabilities
• Participate in the design and implementation of secure system architectures.
• Develop and deliver security awareness training programs for employees.
• Ability to Develop and maintain an incident response plan.
• Lead and manage security-related projects, ensuring timely and successful completion.
• Prepare and present security reports to management and stakeholders.
• Maintain accurate and up-to-date security documentation.
• Ensuring efficient allocation of resources.

ADDITIONAL RESPONSIBILITIES:

• Prepare and present security reports to management and stakeholders.
• Maintain accurate and up-to-date security documentation.
• Ensuring efficient allocation of resources

QUALIFICATIONS:

• Bachelor's degree in computer science, information technology, Information Security, Cybersecurity or related field.
• Advanced degrees or certifications such as CISSP, CISM, or CISA, Sec+, CISSO.
• Minimum of 5 years' experience in information security management, IT administration, or related fields.
• 3 years of experience in implementing cyber assessment and remediation plans, procedures, and cyber defense operations.
• Practical experience with security technologies, incident response, risk management, and compliance.
• Analytical and problem-solving skills, with the ability to analyze complex security issues and develop effective solutions.

REQUIRED AND DESIRED SKILLS/CERTIFICATIONS:

• Graduate degree or certifications such as CISSP, CISM, or CISA
• Strong knowledge of industry standards, regulations, and best practices related to information security, including ISO 27001, and NIST Cybersecurity Framework.
• Excellent communication and collaboration skills, with the ability to effectively communicate technical concepts.
• Strong analytical and problem-solving abilities.
  Meticulous attention to detail to identify and mitigate security risks.
• Understanding of various security protocols, standards, and methodologies. Proven experience in managing scalable cybersecurity projects, including planning, execution, monitoring, and closing phases.
  Ability to coordinate cross-functional teams and manage multiple projects simultaneously.
• Project management skills, with experience in planning, scheduling, and monitoring the delivery of cybersecurity services.
• The candidate must be able to travel to the Maryland Department of Information Technology (DoIT) office located in Crownsville, MD, as well as to various agencies within the Baltimore/Annapolis region.
• Familiarity with federal, state, and local regulations related to information security and privacy.
• Experience in implementing ISO plans, procedures, and cyber defense operations.
• Experience tracking adoption rates and implementing centrally managed cyber services.
• Experience in developing strategic plans, roadmaps, and business cases for new cybersecurity initiatives.

ADDITIONAL REQUIREMENTS:

• Specific experience in implementing ISO plans, procedures, and cyber defense operations.
• Experience tracking adoption rates and implementing centrally managed cyber services.
• Experience in developing strategic plans, roadmaps, and business cases for new cybersecurity initiatives

Min Citizenship Status Required: H-1B

HOURLY RATE: $65/hr. Benefits available. C2C OK

Please contact Melissa McNally via mmcnally@altaits.com for consideration.

#M2