Cybersecurity Governance Specialist
 Spectraforce Technologies | |
 United States, Florida, Jacksonville | |
 Apr 16, 2025 | |
|
Job Title: Cybersecurity Governance Specialist
Location: 100% Remote Duration: 7 Months Job Summary: The Cybersecurity Governance Specialist develops and maintains detailed information security policies, processes, configuration baselines, and standards. The individual in this position interacts closely with personnel from various IT departments including the application development, operations, network, and privacy teams. They assist with annual and ongoing audit assessments as well as define processes and standards to ensure that security configurations are maintained, and other applicable security requirements are in place. They provide consultative guidance on the development of information security strategies, procedures, policies, baselines, and programs. Essential Functions * The essential functions listed represent the major duties of this role, additional duties may be assigned. * Develops information security processes, policies, standards, baselines, procedures, and run books. * Partners with other IT SMEs to create and maintain the necessary documentation for security systems, procedures, and security diagrams * Coordinate with different IT and information security stakeholders to understand and identify gaps between original process and documented process. * Develop and implement customized technical documents; gather information about needs, objectives, functions, features and requirements from cross functional security teams. * Lead the enterprise information security governance artifact review committee * Participates in initiatives to identify, select and implement technical controls. * Works with IT leadership to develop strategies and plans to enforce security requirements and address identified risks. * Advises IT Security other IT teams on normal and exception-based processing of security authorization requests. * Proactively identifies company-wide program opportunities and works to implement solutions. Guides the direction of the overall information security program. * Develop memorandums, reports, project plans, performance work statements and briefings as directed. * Researches, evaluates, and recommends information security related hardware and software including development of businesses cases for security investments. Required Work Experience: 4+ years related work experience - IT Security Technical Writing, Process Analysis, SharePoint Administration, IT Audit, Controls Auditor, or Infrastructure Controls Required Education: High school diploma or GED Required Licenses and Certifications: Security+ Additional Required Qualifications: * Possess experience with SharePoint Online, including building approval flows, managing document libraries, and implementing other collaborative solutions to support information security governance and compliance. * Foundational knowledge of information risk concepts and principles and impact *Foundational knowledge of NIST, HITRUST, ARS, or other security controls framework and the ability to assess the effectiveness of controls. *Proven leadership abilities including effective knowledge sharing, conflict resolution, facilitation of open discussions, fairness and displaying appropriate levels of assertiveness. *Knowledge of audit and assessment activities and processes. *Proven ability to work under stress in emergencies with flexibility to handle multiple high-pressure situations simultaneously. *Ability to interpret and communicate highly complex technical information clearly and articulately for all levels and audiences. *Ability to manage tasks independently and take ownership of responsibilities *Ability to learn from mistakes and apply constructive feedback to improve performance *Strong customer focus with ability to manage customer expectations and experience and build long-term relationships. *Strong team-oriented interpersonal skills with the ability to interface with a broad range of people and roles including vendors and IT-business personnel. *Ability to adapt to a rapidly changing environment *High critical thinking skills to evaluate alternatives and present solutions that are consistent with business objectives and strategy. *Must demonstrate initiative and effective independent decision-making skills *Expertise in implementing, documenting, and maintaining baseline configuration frameworks for a range of IT systems, including operating systems, applications, and network devices, with a focus on industry-recognized standards such as CIS (Center for Internet Security) and DISA STIGs (Defense Information Systems Agency Security Technical Implementation Guides). *Possesses experience with SharePoint Online, including building approval flows, managing document libraries, and implementing other collaborative solutions to support information security governance and compliance. Preferred Licenses and Certifications: CISSP - Cert Information Systems Security Prof Additional Preferred Qualifications: *4 or more years' experience directly related to HIPAA, HITRUST, and/or Center for Medicaid and Medicare Services (CMS) Acceptable Risk Safeguards (ARS) controlsPosition is offered by a no fee agency. | |