Description
As a Senior Cyber Security Assessor at Meriplex, you will play a crucial role in ensuring the security and integrity of our customer’s digital infrastructure. This position involves conducting rigorous assessments of customer’s cyber security measures, identifying vulnerabilities, and evaluating risk management strategies to protect our customer’s information systems and networks.
Responsibilities
Security Audits: Conduct comprehensive internal and external security audits to identify vulnerabilities and non-compliance with established information security standards.
Risk Assessment: Perform detailed risk assessments on information systems and infrastructure to determine potential security threats and develop risk mitigation strategies.
Compliance Checks: Ensure compliance with relevant security standards such as HIPAA, CIS 18, NIST CSF, NIST 800-171 and 53, CMMC, FFIEC, GDPR, and PCI DSS, and prepare for upcoming regulatory changes.
Reporting: Prepare detailed reports that outline findings from security assessments, including risk analysis, vulnerabilities, and recommendations for improvement.
Collaboration: Work closely with departments and customers to implement security measures and practices effectively.
Continuous Learning: Stay updated with the latest security threats, trends, and technologies to continually enhance our security framework.
Training and Guidance: Provide training and guidance to other departments on security best practices and risk management techniques.
Qualifications
Bachelor’s degree in Cyber Security, Information Technology, Computer Science, or a related field; or related experience
At least 5+ years of experience in cyber security assessments or a related field.
Strong understanding of information security principles, frameworks, and standards (e.g., HIPAA, CMMC, NIST, CIS).
Proficient in using security testing tools and software.
Excellent analytical and problem-solving skills.
Effective communication skills, both written and verbal, with the ability to present complex information to non-technical stakeholders.
Preferred Skills
Certifications such as CISSP, CISA, or similar.
Experience in a regulated industry, understanding specific compliance requirements.
Advanced knowledge of network infrastructure and database security.
#J-18808-Ljbffr
Responsibilities
Security Audits: Conduct comprehensive internal and external security audits to identify vulnerabilities and non-compliance with established information security standards.
Risk Assessment: Perform detailed risk assessments on information systems and infrastructure to determine potential security threats and develop risk mitigation strategies.
Compliance Checks: Ensure compliance with relevant security standards such as HIPAA, CIS 18, NIST CSF, NIST 800-171 and 53, CMMC, FFIEC, GDPR, and PCI DSS, and prepare for upcoming regulatory changes.
Reporting: Prepare detailed reports that outline findings from security assessments, including risk analysis, vulnerabilities, and recommendations for improvement.
Collaboration: Work closely with departments and customers to implement security measures and practices effectively.
Continuous Learning: Stay updated with the latest security threats, trends, and technologies to continually enhance our security framework.
Training and Guidance: Provide training and guidance to other departments on security best practices and risk management techniques.
Qualifications
Bachelor’s degree in Cyber Security, Information Technology, Computer Science, or a related field; or related experience
At least 5+ years of experience in cyber security assessments or a related field.
Strong understanding of information security principles, frameworks, and standards (e.g., HIPAA, CMMC, NIST, CIS).
Proficient in using security testing tools and software.
Excellent analytical and problem-solving skills.
Effective communication skills, both written and verbal, with the ability to present complex information to non-technical stakeholders.
Preferred Skills
Certifications such as CISSP, CISA, or similar.
Experience in a regulated industry, understanding specific compliance requirements.
Advanced knowledge of network infrastructure and database security.
#J-18808-Ljbffr