DOT Security Careers

Description

The Cybersecurity Compliance Consultant is not a remote position. This role is required to be on-site at the DOT Security-  Security Operations Center.

 

DOT Showcase

• Act as point of contact for client resources in relation to reported compliance violations 
• Advise clients on appropriate use of compliance reporting tools and related technology 
• Aid external auditors & authorities with client compliance reviews & investigations 
• Assist with client business associate contract maintenance & respond if problems arise 
• Develop a vision & roadmap for client compliance controls, processes, & risks 
• Facilitate allocation of appropriate resources for effective compliance policy implementation 
• Perform periodic gap analysis & ongoing compliance monitoring for client organizations 
• Remain up-to-date on compliance laws, rules, & regulations & inform clients about changes 
• Support the development & implementation of written compliance policies & procedures 
• Track client compliance documents & support the filing of compliance reports as needed 
• Act with a sense of urgency, identify alternatives, & set realistic timeframes for resolution 
• Complete work based on priority, follow through as promised, & set expectations 
• Contribute to & perform both new & pre-existing plans, instructions, & procedures 
• Demonstrate active listening & critical thinking skills & comprehend received information 
• Interpret & understand complex & evolving concepts in a dynamic, fast-paced environment 
• Maintain awareness of technology advancements & their cybersecurity implications 
• Understand & present technical concepts to non-technical audiences 
• Provide exceptional customer service & remain calm under pressure 
• Resolve problems in early stages & ticket labor, notes, & details in a ticketing system 

Qualifications & Experience

• Client relationship management (listening, setting expectations, delivering results) 
• Feedback interpretation for process, product, & service improvement 
• Policy, process, & procedure writing & review concepts 
• Project Management principles & techniques 
• Risk assessment methodologies & management processes (scoring, mitigation) 
• Supply chain risk management standards, processes, & practices 
• Ability to work independently & as part of a team 
• Adaptability to situations in which data is incomplete or where no precedent exists 
• Communicate & collaborate in a clear, professional, & concise manner using technology, tools, & workspaces 
• Critical thinking, customer service skills, & passion for cybersecurity 
• Documenting & communicating complex technical concepts, incidents, problems, & events 
• Knowledge of IT assets (apps/data/devices/networks/users) & related security concepts (monitoring/hardening) 
• Preparation & delivery of reports, plans, & briefings using presentation technology 
• System administration and cybersecurity theories, concepts, & methods 
• System resiliency, redundancy, continuity, & disaster recovery concepts 
• The ability to work ethically & with integrity 

Other Desire Attributes

• Public Trust background check (Limited Requirement) 
• Relevant work experience in managed services industry 
• Cyber community participation (conferences/groups/tool authoring/CTFs) 
• Understanding of CIS Controls, CMMC, NIST 800-171, NIST 800-53, FedRAMP 
• Relevant college degrees 
• Certifications including GRCP, CRISC, Cyber-AB CCP, Cyber-AB CCA, IAPP CIPP/US, IAPP CIPM