IT Consultant 1 ITC1 (Security Resource)

Columbus, NE - USA

Monthly Salary: Not Disclosed

Posted on: 4 hours ago

Vacancies: 1 Vacancy

Job Summary

Key Responsibilities:

Risk Assessment and Analysis

Lead complex IT risk assessments and threat modeling activities across systems and applications.
Analyze trends and emerging risks to proactively recommend strategic mitigations.

Risk Mitigation and Management

Develop and oversee implementation of advanced risk mitigation strategies.
Monitor risk programs and revise controls based on performance metrics and audit outcomes.

Compliance and Governance

Ensure enterprise-wide compliance with federal and state regulations including HIPAA IRS Pub. 1075 NIST 800-53 MARS-E and ISO standards.
Support policy lifecycle management and contribute to enterprise GRC strategy.

Incident Management

Provide leadership in incident response and post-incident reviews.
Collaborate with internal teams on root cause analysis and long-term remediation planning.

Review System Security Plans (SSPs)

Review update and validate system security documentation for critical systems.
Ensure alignment with internal risk policies external contractual requirements and frameworks such as NIST and CIS.

External Audit Support

Serve as a key liaison to auditors and regulatory assessors.
Oversee evidence collection audit response documentation and control testing coordination.

IT Security Policy Leadership

Lead the creation and revision of organizational IT security policies.
Recommend and draft policy enhancements based on risk assessment results audit findings and regulatory changes.

Reporting and Documentation

Prepare and deliver executive-level reporting on risk posture findings and recommendations.
Maintain thorough documentation aligned with organizational and audit standards.

Collaboration and Communication

Represent IT risk in executive discussions technical project meetings and external partner engagements.
Coach and mentor junior staff IT and business personnel.

Qualifications:

Education:
Bachelors degree in Information Technology Computer Science Cybersecurity or a related field is required.
Masters degree in a related field preferred.
Experience:
Minimum of 7 to 10 years of experience in IT risk management cybersecurity or information assurance.
Demonstrated success leading cross-functional projects and managing compliance for large systems. Experiences in Heath and Human Services or Healthcare business preferred.
Certifications (Preferred):
CISA CISSP CRISC CISM CGEIT or similar credentials.
Technical Skills:
Expertise in risk frameworks (NIST 800-53 MARS-E ISO 27001) vulnerability management system security plans and audit lifecycle management.
Analytical Skills:
Exceptional critical thinking data analysis and risk prioritization abilities.
Communication Skills:
Strong verbal and written communication skills with the ability to tailor information to different audiences including executives.

Interpersonal Skills:
Demonstrated ability to collaborate across teams influence without authorityand drive organizational change

Skills	Required / Desired	Required Amount of Experience in years
Bachelors degree in Information Technology Computer Science Cybersecurity or a related field is required.	Required
Masters degree in a related field preferred.	Highly desired
Minimum of 7 to 10 years of experience in IT risk management cybersecurity or information assurance	Required	10
Experiences in Heath and Human Services or Healthcare business preferred.	Highly desired
CISA CISSP CRISC CISM CGEIT or similar credentials.	Highly desired
Expertise in risk frameworks (NIST 800-53 MARS-E ISO 27001) vulnerability management system security plans and audit lifecycle management.	Required	7
Demonstrated ability to collaborate across teams influence without authority and drive organizational change	Required	7

Key Responsibilities: Risk Assessment and Analysis Lead complex IT risk assessments and threat modeling activities across systems and applications. Analyze trends and emerging risks to proactively recommend strategic mitigations. Risk Mitigation and Management Develop and oversee implement...

Key Responsibilities:

Risk Assessment and Analysis

Lead complex IT risk assessments and threat modeling activities across systems and applications.
Analyze trends and emerging risks to proactively recommend strategic mitigations.

Risk Mitigation and Management

Develop and oversee implementation of advanced risk mitigation strategies.
Monitor risk programs and revise controls based on performance metrics and audit outcomes.

Compliance and Governance

Ensure enterprise-wide compliance with federal and state regulations including HIPAA IRS Pub. 1075 NIST 800-53 MARS-E and ISO standards.
Support policy lifecycle management and contribute to enterprise GRC strategy.

Incident Management

Provide leadership in incident response and post-incident reviews.
Collaborate with internal teams on root cause analysis and long-term remediation planning.

Review System Security Plans (SSPs)

Review update and validate system security documentation for critical systems.
Ensure alignment with internal risk policies external contractual requirements and frameworks such as NIST and CIS.

External Audit Support

Serve as a key liaison to auditors and regulatory assessors.
Oversee evidence collection audit response documentation and control testing coordination.

IT Security Policy Leadership

Lead the creation and revision of organizational IT security policies.
Recommend and draft policy enhancements based on risk assessment results audit findings and regulatory changes.

Reporting and Documentation

Prepare and deliver executive-level reporting on risk posture findings and recommendations.
Maintain thorough documentation aligned with organizational and audit standards.

Collaboration and Communication

Represent IT risk in executive discussions technical project meetings and external partner engagements.
Coach and mentor junior staff IT and business personnel.

Qualifications:

Education:
Bachelors degree in Information Technology Computer Science Cybersecurity or a related field is required.
Masters degree in a related field preferred.
Experience:
Minimum of 7 to 10 years of experience in IT risk management cybersecurity or information assurance.
Demonstrated success leading cross-functional projects and managing compliance for large systems. Experiences in Heath and Human Services or Healthcare business preferred.
Certifications (Preferred):
CISA CISSP CRISC CISM CGEIT or similar credentials.
Technical Skills:
Expertise in risk frameworks (NIST 800-53 MARS-E ISO 27001) vulnerability management system security plans and audit lifecycle management.
Analytical Skills:
Exceptional critical thinking data analysis and risk prioritization abilities.
Communication Skills:
Strong verbal and written communication skills with the ability to tailor information to different audiences including executives.

Interpersonal Skills:
Demonstrated ability to collaborate across teams influence without authorityand drive organizational change

Skills	Required / Desired	Required Amount of Experience in years
Bachelors degree in Information Technology Computer Science Cybersecurity or a related field is required.	Required
Masters degree in a related field preferred.	Highly desired
Minimum of 7 to 10 years of experience in IT risk management cybersecurity or information assurance	Required	10
Experiences in Heath and Human Services or Healthcare business preferred.	Highly desired
CISA CISSP CRISC CISM CGEIT or similar credentials.	Highly desired
Expertise in risk frameworks (NIST 800-53 MARS-E ISO 27001) vulnerability management system security plans and audit lifecycle management.	Required	7
Demonstrated ability to collaborate across teams influence without authority and drive organizational change	Required	7