Cybersecurity Specialist

Saint Paul, MN - USA

Monthly Salary: Not Disclosed

Posted on: 7 hours ago

Vacancies: 1 Vacancy

Job Summary

For further inquiries regarding the following opportunity please contact our Talent Specialist Abdul at (or) Vijay Raj Jayachandran at

Title: Cybersecurity Specialist

Duration: 6 Months

Location: St. Paul MN

Only W2 candidates are eligible for this position. Third-party or C2C candidates will not be considered

Description:

As a Cybersecurity Specialist you will play an important role in ensuring that client product technologies leveraged by healthcare providers and consumers are secure-by-design. These technologies range from regulated medical devices to e-commerce and customer loyalty solutions. You will evaluate the cybersecurity posture of new and existing product technologies identify risks recommend mitigation strategies and ensure timely remediation and closure. You will bring deep expertise in security risks controls mitigations and global cybersecurity standards to Clinets product teams.
This role is expert-driven and guidance focused requiring strong technical depth excellent communication skills and a proven ability to navigate a large global environment. You will partner closely with internal product owners developers engineers security architects and external collaborators to evaluate solutions strengthen governance and guide secure product development.
Your work will directly contribute to the delivery of scalable compliant and secure product technologies cloud services and connected applications.
The role focuses on consultative responsibilities rather than hands on development or cybersecurity operations.

The Cybersecurity Specialist support cybersecurity operations by designing developing or recommending secure technical solutions including policy standards applications systems architectures and infrastructure that are operationally viable and efficient.
Ensure appropriate application of security products and technologies to protect the organizations systems and information and enable achievement of the organizations objectives.
Manage and design innovative integration of cybersecurity toolsets to enable more automated discovery remediation and alerting of network and device vulnerabilities as a means of improving the security posture.
Perform analysis of emerging technologies and design and build architectures and solutions to enable secure implementation of new technologies.

Duties:

Develop a risk-based cyber security program which meets regulatory requirements and aligns with industry leading information security practices. Perform threat identification and mitigation activities using industry leading security controls and tools sets.
Advance the Companys cyber threat and vulnerability management program to ensure consistent identification analysis response and monitoring of cyber security threats events and vulnerabilities.
Assess threats to the business and deploy countermeasures for those threats. Collaborate with business units application development teams and third-party vendors to achieve program requirements while enabling the business.
Apply technical knowledge to protect the Company against cyber threats (e.g. knowledge of firewalls intrusion detection and prevention systems data loss prevention solutions endpoint protections log aggregation technology and other leading-edge security technologies).
Facilitate cross team coordination to achieve defined security goals as well as meet technical requirements in support of detailed implementation plans for security projects.
Manage security projects to ensure the timely on budget and effective implementation of cyber security improvements that are operationally supported with validation methods in place to measure effectiveness. Perform assessment of cyber security incidents to identify the root cause respond and recover the environment.
Develop strategies policy and standards to protect company information and technology assets.
Manage capital and operational expense budgets to ensure accurate forecasting and administration.
Develop and maintain security guidance documentation including standards and frameworks
Conduct full-stack architecture reviews of products and platforms including consumer identity platforms
Perform cybersecurity threat modeling and prepare outputs for review by internal and external stakeholders
Establish document and monitor compliance with risk based and regulatory-informed cybersecurity requirements for individual products
Collaborate with product designers and developers to ensure security considerations are integrated early into product design discussions
Validate the security of product software supply chains and product deployment pipelines
Develop risk mitigation strategies and recommend appropriate security controls
Assess and prioritize product security risks through detailed evaluation of vulnerability assessments and penetration testing results
Evaluate the effectiveness of product cybersecurity controls
Identify and effectively communicate cyber risk trends
Ensure risk management plans are clearly documented actionable and accurately reflect the organizations risk tolerance
Track and ensure product compliance with defined vulnerability remediation SLAs.
Participate in governance forums architecture reviews and technical discussions as a representative of Product Cybersecurity

Required:

At least 5 years of experience but typically 7 plus years of experience is required.
Possess expertise in valuing and implementing industry standards such as the ISO 27001/2 SOC 2 HITRUST and FedRAMP Information Security standard and the ISO 22301 Business Continuity Standard.
Experience with implementation and operational use of GRC toolsets (Governance Risk and Compliance).
Possess CISSP certification (or similar) and be knowledge of national and international regulatory compliances and frameworks such as ISO SOX BASEL II EU DPD HIPAA and PCI DSS.

About You

7 years of experience in cybersecurity or technology architecture assessment or consulting with a focus on the development of secure digital product technologies
Experience conducting risk assessments control assessments and governance reporting
Ability to clearly articulate cybersecurity risks and recommended mitigations to product development teams
Strong understanding of modern technology stacks including cloud native architectures and API-driven services
Understanding of core concepts related to identity and access management secure software development network security and cryptography
Familiar with device to device service to service and consumer identity and access management practices
Familiarity with modern phishing-resistant authentication technologies including WebAuthn and Passkeys
Understanding of cybersecurity risks associated with emerging technologies including quantum computing and artificial intelligence
Knowledge of global medical device regulatory frameworks
Excellent analytical problem-solving and communication skills
Working knowledge of security frameworks and standards (e.g. NIST ISO/IEC 27001 PCI DSS)
Strong collaboration and influencing skills with the ability to work effectively across technical and business teams
Exceptional written and verbal communication skills with the ability to tailor complex information for diverse audiences
Strong analytical and problem solving skills with the ability to work independently and manage multiple priorities
Bachelors degree in Cybersecurity Computer Science Information Systems Information Assurance Software Engineering or a related field

Preferred Qualifications

Strong preference for candidates with cybersecurity experience across e commerce mobile apps IoT or medical devices.
Preferred certifications include CISSP HCISPP CISM CCSP SABSA Foundation CISA or similar industry-recognized certifications

About us: DivIHN the IT Asset Performance Services organization provides Professional Consulting Custom Projects and Professional Resource Augmentation services to clients in the Mid-West and beyond. The strategic characteristics of the organization are Standardization Specialization and Collaboration. DivIHN is an equal opportunity employer. DivIHN does not and shall not discriminate against any employee or qualified applicant on the basis of race color religion (creed) gender gender expression age national origin (ancestry) disability marital status sexual orientation or military status.

For further inquiries regarding the following opportunity please contact our Talent Specialist Abdul at (or) Vijay Raj Jayachandran at Title: Cybersecurity Specialist Duration: 6 Months Location: St. Paul MN Only W2 candidates are eligible for this position. Third-party or C2C candidat...