Chief Information Security Manager

Chief Information Security Manager

Address : Syosset, NY (Hybrid)

Full Time Position

Scope of Work :

The vCISO shall provide expert virtual cybersecurity services during normal business hours except in the event of a security incident or breach.

HCC seeks a fresh perspective on its security measures and protocols to not only improve its posture, but also to identify new risks and opportunities. The vCISO will also be responsible for leading HCC's efforts to address the nine (9) elements of the Gramm-Leach-Bliley Act (GLBA) for compliance purposes.

• Perform a detailed cyber risk assessment that includes the following, but not limited to :

Identifying, estimating, and prioritizing information cyber security risks at college;

The policies include but not limited to :

CYBERSECURITY INCIDENT OR BREACH

In the event of a cybersecurity incident or breach, the vCISO will :

All devices and equipment necessary to perform duties under this contract will be provided by HCC.

EDUCATION

At a minimum, the Contractor must possess a bachelor's degree in cybersecurity, computer science, information technology, or a related field from an accredited higher education institution in the United States. A master's degree is preferred.

EXPERIENCE

CERTIFICATION(S)

The Contractor must possess at least one of the following related certifications :

KNOWLEDGE & SKILLS

Skill Matrix :

Knowledge of Security Frameworks : Demonstrate an understanding and application of industry-standard security frameworks, such as the National Institute of Standards and Technology (NIST) 800-53, Center of Internet Security (CIS) Critical Security Controls, and CIS Implementation Group 1

(IG1).

Cybersecurity Technologies : Demonstrate familiarity with current security technologies, especially any commonly used technologies in higher education.

Threat Intelligence and Incident Response : Demonstrate experience in threat detection, vulnerability / risk assessments, and incident response.

Education : Possess a bachelor's degree or higher in cybersecurity, computer science, information technology, or a related field from an accredited higher education institution in the United States.

Experience : Demonstrate years of experience providing CISO-level services, specifically virtual or remote services. Prove the ability to convey complex security concepts to non-technical stakeholders. Demonstrate leadership experience, especially in advising executive teams and boards on cybersecurity.

Certifications : Demonstrate relevant professional certifications such as CISSP, CISM, or CISA to validate skills and knowledge.

Demonstrate knowledge of regulatory requirements and risk management practices.

About Us :

InterSources Inc. is a Small, Woman, and Minority-Owned Business Enterprise, ISO / IEC 27001, SOC 2 Type 2 certified company with massive 18+ years of diversified experience in providing IT Consulting Services, Artificial Intelligence, Data Analysis, Application Development, Cloud Services, Cybersecurity, Digital Marketing, ERP Management, Custom Software Development, Web Development, UI / UX Design, System Integration, QA Support etc. We make reasonable accommodations for clients and employees, and we do not discriminate based on any protected attribute including race, religion, color, national origin, gender sexual orientation, gender identity, age, or marital status. We also are a Google Cloud and Oracle partner company.