ISO Program Coordinator/SME (Hybrid)

Crownsville, MD
Full Time
Experienced

“Join GD Resources for dynamic opportunities in business management and IT, where innovation meets excellence.”

Job Types: Full-time, Contract

Pay: $138,000.00 - $155,000.00/year

Benefits:

  • Dental insurance
  • Flexible schedule
  • Health insurance
  • Life insurance
  • Paid time off
  • Vision insurance

Schedule:

  • 8 hour shift
  • Day shift

Duties/Responsibilities:
  • Team Management: Provide administrative assistance to the ISO Program Director, including scheduling meetings, managing correspondence, and organizing documentation related to program activities.
  • Policy Development: Contribute to the development and refinement of information security policies, standards, and guidelines to ensure alignment with industry best practices and regulatory requirements.
  • Service Delivery: Coordinate the provisioning of centrally managed cyber services to address the evolving requirements of Maryland agencies following the assessment of a particular agency and identification of pertinent needs. Coordinate meetings, workshops, and communications with internal and external stakeholders under the guidance of the ISO Program Director, fostering collaboration and information sharing to support program objectives.
  • Compliance Management: Ensure strict adherence to statewide information technology policies, standards, and guidelines. Regularly monitor agency compliance with these directives and promptly address any instances of non-compliance through appropriate measures.
  • Reporting and Evaluation: Develop and maintain real-time reporting mechanisms to track program performance, assess organizational maturity, and identify areas for improvement.
  • Representation and Advocacy: As the ISO Program representative, attend meetings, conferences, and other relevant forums specifically within agencies assigned to the program. Advocate for DoIT centrally managed services and effectively communicate the program's objectives to stakeholders. Ensure that agency-specific cybersecurity concerns are addressed and align with the overarching goals of the program.
  • Continuous Improvement: Drive continuous improvement initiatives within the ISO Program, incorporating feedback, lessons learned, and best practices to enhance program effectiveness and efficiency.
  • Assessment and Remediation: Support OSM in the coordination of cybersecurity assessments, review security architecture and design, and coordinate remediation efforts to address identified risks and vulnerabilities.
  • Cross-Functional Collaboration: Collaborate with other departments and teams within the organization to support the use of DoIT centrally managed services and align information security efforts with broader organizational goals, as directed by the ISO Program Director.

Education:
Bachelor's degree in information security, computer science, information technology, cybersecurity, or a related field.

General Experience:
  • Minimum of 5 years’ experience in information security, with at least 3 years’ experience in implementing cyber assessment and remediation plans, procedures, and cyber defense operations.
  • Minimum of 3 years of Information System Security Management.
  • 2 years’ experience in program management.
  • Demonstrated experience in the development and implementation of information security policies, standards, and procedures.
  • Excellent leadership, communication, and interpersonal skills.
  • Proven ability to manage complex projects and drive results in a dynamic environment.
  • Analytical and problem-solving skills, with the ability to analyze complex security issues and develop effective solutions.

Specialized Experience:
  • In-depth knowledge of information security frameworks, standards, and best practices (e.g., NIST Cybersecurity Framework, NIST 800-53/800-171).
  • Experience tracking adoption rates and implementing centrally managed cyber services.
  • Experience in developing strategic plans, roadmaps, and business cases for new cybersecurity initiatives.

Required Qualifications:
  • Graduate degree or certifications such as CISSP, CISM, or CISA.
  • Strong knowledge of industry standards, regulations, and best practices related to information security, including ISO 27001, NIST Cybersecurity Framework, and General Data Protection Regulation (GDPR).
  • Excellent communication and collaboration skills, with the ability to effectively communicate technical concepts.
  • Project management skills, with experience in planning, scheduling, and monitoring the delivery of cybersecurity services.
  • Proven experience in managing large-scale cybersecurity projects, including planning, execution, monitoring, and closing phases.
  • Ability to coordinate cross-functional teams and manage multiple projects simultaneously.
  • Experience working with state government agencies or similar large-scale organizations.
  • The candidate must be able to travel to the Maryland Department of Information Technology (DoIT) office.
  • Familiarity with federal, state, and local regulations related to information security and privacy.