NCDOT - Architect - Expert ISO Policy Change Development
The candidate will be allowed to work remotely until all staff may be required to return to site. At that point the candidate may be required to come onsite. The candidate will need to come onsite the first day to collect equipment. Do you accept this requirement?
The NCDIT-Transportation Information Security Office (NCDIT-T ISO) requires a contract information security specialist (expert) architect/analyst resource to provide information security policy, process, procedure, and program development for NCDIT-Transportation and the NCDOT business. This position will be an NCDIT-Transportation Information Security Business Architect (ISBA, working title) dedicated primarily to support the creation and update of NCDOT's security program and related policies, standards, and procedures/processes.
Required/Desired Skills| Skill Required /Desired Amount of Experience | |||
| Current or prior role as a PCI-DSS Qualified Security Assessor (QSA) or PCI-DSS Internal Security Assessor (ISA) | Desired | 0 | |
| Experience leading or directly supporting PCI-DSS annual assessment for a L1 or L2 merchant, familiarity with PCI-DSS 3.2 or higher. | Desired | 0 | |
| Strong knowledge and experience architecting/designing implementations, configuring, and risk assessing AWS and/or Azure cloud computing environments. | Desired | 0 | |
| Progressive advanced experience as an IT information security professional working within an enterprise environment. | Required | 5 | Years |
| Hands-on experience implementing, administrating and operating technologies such as firewalls, IDS/IPS, SIEM, antivirus, network traffic analyzers | Nice to have | 5 | Years |
| Detailed technical experience with network security, security protocols, access control, cryptography, application security, and data protection. | Required | 5 | Years |
| Extensive experience with data classification, handling, assessment, and enforcement. | Required | 5 | Years |
| Experience implementing and supporting systems within enterprise-class data center environments. | Required | 5 | Years |
| Advanced knowledge of regulatory compliance including, but not limited to: OWASP, ISO, NIST, FISMA, PCI-DSS, HIPAA and IRS-1075. | Required | 5 | Years |
| Experience leading risk assessments using industry standard frameworks such as ISO or NIST for complex IT projects and technologies. | Required | 5 | Years |
| Experience developing, leading and executing information security incident response plans. | Required | 5 | Years |
| Experience developing and implementing information security policy, standards and procedures. | Required | 5 | Years |
| Experience providing research and evidence in support of audits. | Required | 3 | Years |
| CISSP information security certification. | Nice to have | 0 | |
| Specific experience implementing, administrating, or operating Tenable Nessus. | Nice to have | 0 | |
| Specific experience implementing, administrating, operating or utilizing IBM Qradar SIEM | Highly desired | 2 | Years |
| Experience consulting on information security solutions for a state or federal agency. | Required | 2 | Years |
| Experience implementing and operating enterprise class data networking solutions | Nice to have | 0 | |
| Experience implementing and operating enterprise class server and storage systems | Nice to have | 0 | Years |
| Detailed expert knowledge of NIST 800-53, and performing risk assessments utilizing NIST 800-53. | Required | 2 | Years |
| Detailed expert knowledge of ISO 27001, and performing risk assessments utilizing ISO 27001 | Nice to have | 0 | |
| Detailed expert knowledge of the NIST Cyber Security Framework (CSF), and performing risk assessments utilizing the NIST CSF. | Required | 2 | Years |
| Familiarity and experience with the Department of Homeland Security (DHS) Cyber Security Evaluation Tool (CSET). | Nice to have | 2 | Years |
| Experience consulting on information security and IT solutions for a state motor vehicles agency or department of transportation. | Required | 0 | |
| Experience performing risk assessments, documenting and driving compliance with the North Carolina DIT Statewide Information Security Manual. | Required | 0 | |
| Experience completing NC Department of Information Technology Privacy Threshold Analysis (PTA) documentation. | Nice to have | 0 | |
| Experience completing NC Department of Information Technology Vendor Readiness Assessment Report (VRAR) documentation. | Highly desired | 0 | |
| Trained and experience implementing and operating with ITIL (formerly Information Technology Infrastructure Library) concepts. | Nice to have | 0 | |
| ITIL (formerly Information Technology Infrastructure Library) certification. | Nice to have | 0 | |
| Familiarity and practical experience with SABSA or TOGAF enterprise architecture frameworks and methodologies. | Nice to have | 0 | |
| SABSA or TOGAF certification. | Nice to have | 0 |
Recommended Jobs
Cashier (Starting at $13.50++)
Job Description Job Description Use your skills to transform your local community. Goodwill Industries of Northwest North Carolina offers numerous career opportunities with competitive pay, excel…
Diagnostic Medical Sonographer
Job Description Job Description Benefits: ~401(k) ~401(k) matching ~ Competitive salary ~ Dental insurance ~ Flexible schedule ~ Health insurance ~ Paid time off ~ Relocation bonus…
Dental Insurance Coordinator
At Stansell Dentistry Associates, we are committed to providing exceptional dental care and ensuring our patients have a seamless experience from appointment to billing. We are seeking a detail-orien…
Field Service Engineer Supervisor
About the Role Location United States of America North Carolina Raleigh Remote vs. Office Remote only Company Siemens Energy, Inc. Organization Grid …
Embrace Nature's Charm: CVICU Nurse in Asheville!
Registered Nurse - Cardiovascular - Travel - (Cardio - CVICU RN) Embrace the charm of Asheville, a city that captures the heart with its stunning Blue Ridge Mountains and vibrant arts scene. As a CVI…
Marketing Associate
Job Description Job Description Company Description About Us At Property Soar , we are dedicated to elevating the real estate experience through innovation, leadership, and unwavering c…
Tactical Data Link Analyst
Job Description Job Description JRAD is seeking candidates for Tactical Data Link Analysts who are responsible for coordinating and supporting the daily operations of Tactical Data Link (TDL) sys…
Part-Time Warehouse Manager
Your Peace of Mind is our Priority Dawson's Electric & Air – Where Your Peace of Mind is Our Priority Are you ready to leave behind a job that feels like just a grind and step into a role that v…
Personal Care Assistant (PCA)
Job Description Job Description ( PCA ) Personal Care Assistant We are currently exploring the workforce for compassionate, highly-skilled, and reliable personal care assistant (PCA) to serve a…
Child Support Specialist
Job Description Job Description Summary of Position The Child Support Specialist position includes providing full services to customers in all stages of the child support process. The Specialist…