*We are unable to sponsor for this 12 Month Remote Contract to Hire role*

Prestigious Enterprise Company is currently seeking a Cyber Risk Management Controls Assessor with Azure and Oracle Control Assessment, as well as FedRAMP experience. Candidate will assess the effectiveness and conduct risk assessments of cyber risk management capabilities, including policies, processes, and technical capabilities, leveraging the enterprise cyber risk management requirement and control framework. In addition, they will have responsibilities to maintain the framework, harmonizing emerging regulations and cyber security frameworks to the framework, updating it and revising capability effectiveness criteria in collaboration with capability owners as needed.

Responsibilities:

• Cyber Risk Management Capability Assessments: Conduct in-depth assessments of the effectiveness of cyber risk management capabilities within the organization.
• Gap Analysis: Identify gaps in cyber risk management capability effectiveness and provide recommendations for enhancing the organization's cyber risk management posture.
• Documentation & Reporting: Develop detailed reports and documentation on assessment findings, remediation plans, and effectiveness metrics.
• Stakeholder Collaboration: Work closely with cyber risk management, technology, and business partners to ensure that cyber risk management capabilities are effective.
• Compliance, Standards, and Regulatory Alignment: Ensure adherence to regulatory and industry standard requirements such as NIST 800-53, SOC 2, 23 NYCRR 500, NAIC Model Law, and HIPAA, by harmonizing those requirement sets to the enterprise cyber risk management requirement framework. As regulations and standards are introduced and updated, enhance and extend the framework.

Qualifications:

Bachelors degree in Cybersecurity, Information Security, Computer Science, or a related field.

Minimum 5-8 years of experience in cyber security, compliance, cyber risk assessment, or security auditing.

Working knowledge of NIST 800-53, NIST 800-171, and FedRamp.

Demonstrated experience assessing both on-premises and cloud-based cyber risk management controls (Azure and Oracle Cloud Infrastructure)

Familiarity with technology management methodologies (DevOps, SAFe, ITIL)

Expertise in multiple cyber risk management domains

Understanding of cyber risk management oversight and administration processes, security architecture, technical security controls, and data protection strategies.

Strong analytical and problem-solving skills.

Excellent communication and report-writing abilities.

Ability to work independently and lead cyber risk management assessments.

Strong understanding of regulatory compliance and risk management principles.

Ability to collaborate with cross-functional teams and provide security guidance.

Required Skills:

• Azure Control Assessment
• FedRAMP
• Oracle Cloud control assessment

Certifications (Preferred): CISSP, CISA, CISM, CRISC, CAP, Security+, or equivalent.