Cybersecurity Program Consultant

Short Description: Cybersecurity Program Consultant Updated Start and End Dates: 6/15/22 thru 12/31/22. Complete Description: The Ohio Department of Aging (ODA) is looking for an experienced and highly skilled cybersecurity program consultant to join the team. She or he will assist ODA Information Systems Division (ISD)to build and cultivate a security focused culture through partnership and collaboration with the business and technology teams to deliver customer value and improve security posture of the organization. This position combines responsibility for Cybersecurity Strategy and Roadmap, Education and Awareness, Governance Risk and Compliance. This position will function as a Cybersecurity program consultant that include: Develop business domain expertise to inform the cybersecurity and compliance risk management strategy Assist with ODA ISD leadership team to establishing security roadmap, developing an effective strategy to assess and mitigate risk, establish appropriate standard and associated risk controls based in compliance with NIST 800-53. Ensure technology risk impacting the business is effectively identified, quantified, communicated and managed, including recommendations for resolution and identifying the root cause/key themes. Develops, implements, and maintains security controls, processes, and procedures to manage risk across all information system environments (infrastructure, network, and applications) with the assistance of the application and infrastructure management teams; Establishes and maintains a security risk governance framework; publishes and disseminates security policies, standards, and supporting materials to reduce risk through security awareness with the assistance of the Director of Technology; Determining how mainstream and emerging technologies can be safely and securely used to advance business strategy Assist and direct organization in the daily execution of identifying, developing, implementing, and maintaining processes to reduce strategic business and information risks. Develops overall Program plans, guidance, and procedures necessary to effectively execute diverse technical, administrative and program functions. REQUIRED SKILLS: 4-year college degree or equivalent technical study Proven experience leading and managing innovative teams of highly technical professionals 15+ years in privacy, security, or a related field One or more Information Security Certifications preferred: CISSP, CSSLP, CISM, CCSP, GSLC, GSEC, CISA Strong experience in developing cybersecurity roadmap and strategy Demonstrate clear and concise writing, and verbal skills to communicate complex issues and solutions in simple terms to all levels of the organization Strong experience in cybersecurity strategic planning, NIST compliance, CMMC or CMMI maturity models Strong experience in Program Management or experience planning and leading a team to achieve a technical goal. Demonstrated experience with collaborating in a highly matrixed environment which involves multiple internal and external stakeholders to gather data that enables prioritization and action Experience with developing key metrics reports, tracking project, develop corrective action project plans as required Experience with developing key metrics reports, tracking project, develop corrective action project plans as required Excellent analytical, project management and organizational skills with a keen attention to detail. Solid analytical/problem-solving skills with the ability to identify solutions to unusual and complex problems. Excellent written and verbal communication skills.