Principal Cybersecurity Consultant

Confidential - Los Angeles, CA

posted 13 days ago

Full-time - Principal
Los Angeles, CA

About the position

The Principal Cybersecurity Consultant will play a critical role in enhancing the cybersecurity posture of the agency by assisting with security strategy updates, governance, risk assessments, and compliance initiatives. This position requires collaboration with various stakeholders to ensure effective management of information security-related activities and the development of robust security processes.

Responsibilities

  • Assist with security strategy updates addressing the evolving risk landscape.
  • Assist with security governance aligned to NIST CSF to sustain an effective cybersecurity program.
  • Conduct security risk assessments for third parties/projects/initiatives and provide solution recommendations.
  • Manage information security-related activities including analysis, identification, estimation of InfoSec efforts, and development of remediation measures.
  • Develop, conduct, and document executive-level reporting and strategy formulation.
  • Create and maintain a centralized information security register to manage all InfoSec information and document changes relevant requirements.
  • Collaborate with internal and external stakeholders to maintain an understanding of current risks, new systems, and changes to the environment.
  • Support the development, implementation, and maintenance of strong security risk & compliance processes for new and existing deployments.
  • Participate in vendor due-diligence processes and third-party security risk management efforts, including contract reviews related to Information Security.
  • Support internal and external audit and assessment processes for relevant compliance (PCI DSS, Privacy, etc.).
  • Create security guidelines, checklists, and other documentation to support projects and initiatives.
  • Develop and present metrics, reports, and dashboards.
  • Develop documentation for information security controls, acquisitions, and process or system changes.
  • Stay up to date on developing regulatory concerns, evolving IT, and information security trends.

Requirements

  • Minimum of 15 years' experience supporting companies of a similar size as LA Metro with data and network security remediation and regulatory compliance initiatives.
  • Experience working with a transit Universal Fare System (UFS) and the Cubic Payment Application (CPA) related to transportation agency data compliance.
  • Knowledge of cybersecurity technology and compliance in transit systems.
  • Strong background in processes, policies, procedures, systems, practices, and professional standards of cybersecurity.
  • Knowledge of industry best practices and relevant legal requirements pertaining to cybersecurity, compliance, and privacy laws and regulations.

Nice-to-haves

  • Experience with TSA/DHS transport directives, DMV rules and regulations, and other transportation agency cybersecurity rules and regulations.

Benefits

  • Competitive hourly pay starting from $100 per hour.
  • Full-time contract position with a Monday to Friday schedule.

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service