The primary duties involve overseeing the daily operations of ISO-related projects and processes, planning and
scheduling service delivery and adoption, identifying opportunities for the development of new services within their
assigned organizations. Detailed responsibilities include, but are not limited to:
Duties/Responsibilities:
Develop and maintain metrics to track adoption rates and regularly assess and enhance security controls,
conducting assessments and evaluations to ensure effectiveness and compliance with established
standards.
Review and implement security policies to ensure compliance with regulatory requirements and
organizational standards.
Conduct thorough reviews of vulnerability data, coordinating with stakeholders to prioritize and address
identified vulnerabilities effectively.
Actively participate in Authorization to Operate (ATO) assessments, contributing expertise to ensure
systems meet security requirements for operation.
Collaborate with cross-functional teams to develop and enhance security protocols and procedures for
seamless integration and utilization.
Regularly report on adoption rates and identify areas for improvement.
Monitor security systems to detect and respond to potential threats.
Act as the primary point of contact for ISO agency-related inquiries and engagements.
Monitor progress against established plans and adjust as necessary.
Develop strategic plans and roadmaps for service delivery.
Education:
Bachelor's degree in computer science, information technology, cybersecurity,
or a related field. Advanced degrees or certifications such as CISSP, CISM, or CISA are
preferred.
General Experience:
Minimum of 5 years’ experience in information security management.
Analytical and problem-solving skills, with the ability to analyze complex security issues and develop
effective solutions.
Specialized Experience:
Specific experience in implementing ISO plans, procedures, and cyber defense operations.
Experience tracking adoption rates and implementing centrally managed cyber services.
Experience in developing strategic plans, roadmaps, and business cases for new cybersecurity initiatives
Preferred Qualifications:
Graduate degree or certifications such as CISSP, CISM, or CISA
Strong knowledge of industry standards, regulations, and best practices related to information security,
including ISO 27001, NIST Cybersecurity Framework, and General Data Protection Regulation (GDPR).
Excellent communication and collaboration skills, with the ability to effectively communicate technical
concepts.
Project management skills,