Security Analyst to analyze security posture ratings for 61+ Online Driver Training Organizations licensed to operate by the State of Ohio Department of Public Safety.
This work can be done at any time, including nights and weekends.
This is a fully remote position, and other employment is permitted (candidate must be able to dedicate approximately 10 hours per week analyzing and communicating results).
The Department of Public Safety will provide access to the Third-Party Risk Management (TPRM) tool, Bitsight, and the assessment communication tool, OneTrust.
This position will function as part-time Cyber Security Consultant with specific responsibilities that include:
1. Review initial security assessment provided by online driver training companies at the time of application.
a. DPS to provide the security assessment questionnaire
b. Security Consultant to validate the security assessment is accurately and thoroughly completed
2. Review updated security assessment provided by online driver training companies for submission of changes of security controls.
3. Document and address concerns or clarifications needed for the security assessment review with the online driver education companies.
a. Security Consultant to compare responses against the assessment and industry standards
4. Review online driver training company annual attestations of compliance.
a. Security Consultant to validate the security assessment is accurately and thoroughly completed
b. Security Consultant to communicate any deficiencies in annual attestation to the online driver training company and facilitate the accurate completion of the attestation of compliance.
5. Contact and work with Bitsight to configure monitoring parameters. Use Bitsight functionality to direct the findings and remediation recommendations to the online driver training company.
6. Discuss findings with online driver training company
a. Security Consultant will use OneTrust as the Governance Risk and Compliance (GRC) tool to assess and communicate
b. Security Consultant does NOT assist the online driver training company determine corrective path of action.
7. Upon complaint for investigation, including but not limited to, reviewing updated monitoring results to confirm no falsification or other violation has occurred.
8. Run Bitsight reports and provide the information the business needs for administrative action. Communicate with DPS Driver Training Program Office on a consistent basis with status updates.
9. Monitor upcoming changes to the controls and communicate with the Driver Training Program Office with the specifics.
10. May need to provide testimony at administrative hearings. Any testimony is based on processes and expertise on security controls, if needed.
Required/Desired Skills| Skill Required /Desired Amount of Experience | |||
| Experience with Cybersecurity frameworks (NIST CSF, ISO 27001), Third-party risk assessment, Vendor Management, Data Privacy | Required | 3 | Years |
| Vulnerability management experience | Required | 3 | Years |
| Utilize Bitsight security ratings to assess driving school security posture | Required | 3 | Years |
| Daily or weekly tracking of vendor security ratings in Bitsight to detect drops in security performance | Required | 3 | Years |
| Generate automated reports and dashboards for business highlighting provider risk exposure and their security control effectiveness | Required | 3 | Years |
| Manage remediation plans within the GRC OneTrust to closure. | Required | 3 | Years |
| No. Question | |
| Question1 | Do you understand, and will abide by, the provision in your subcontract with OST that it is PROHIBITED for government equipment to be taken or used outside of the United States by your contractors? The consequences of this occurring can and will result in repercussions to you, the prime vendor, regardless if the candidate works for a sub-vendor of yours. It will also result in immediate termination of the contractor and make them ineligible for rehire in the program. |
| Question2 | Where does your candidate currently live? Please provide City/State. |
| Question3 | Interviews will be required to be in-person at the Shipley building at 1970 West Broad Street. Is your candidate willing and able to interview in person? Please do not submit candidates who are unable to interview in person. |
| Question4 | Candidate will be required to complete a Federal fingerprint check, conducted by DPS. Do you accept? |
...various ages (2-12), developing their skills, physical literacy, and teamwork abilities in 10 sports - Basketball, Soccer, Baseball, Football, Volleyball, Hockey, Tennis, Lacrosse, Track and Field and Golf. Our Coaches provide individualized attention to ensure...
.... Must submit a recent report of Tuberculosis (TB) skin test upon employment and provide an update annually. Must pass Arizona DPS Fingerprint Clearance (Class I & II). Must pass a substance abuse testing upon employment and submit to a random testing during the...
...OB/GYN Compensation: $325,000 $410,000 per year Job Type : Full-time, Permanent | 1:4 call rotation covering single hospital... ...design your practice around your professional goals within a premier, tech-forward environment, distinguished as one of the few HIMSS Stage...
...Now hiring across all U.S. states 100% Remote 100% Remote | Weekly commission based... ...Process Looking for a real work-from-home opportunity that actually pays and grows... ...fast and hiring motivated individuals immediately for a fully remote position with paid...
...academic learning to real-world situations and cultivate project management, problem-solving, and communication skills. And with... ...responsibly and ethically produced. Your Role: As a Pullet and Production Intern, you will partner with members of our Flock Service, Manure,...