Cyber Security Controls Assessor - Career

Contract Details (Contract roles only):

• Position Type: Contract
• Contract Duration: 12 Months
• Start: As Soon As Possible
• Pay Rate: $60 – $65/hr

Job Summary

Key Responsibilities

• Perform multi-platform assessments (applications, databases, operating systems, middleware, monitoring tools, and business processes) based on predefined test objectives and plans
• Perform retesting of remediated or updated controls
• Obtain, review, and interpret evidence to validate control effectiveness
• Execute and report IT compliance assessments aligned with NIST SP800-53, SP800-115, SOX, and NERC CIP standards
• Review organizational IT policies, standards, and procedures to identify control points that mitigate risk
• Analyze test results and evidence to identify vulnerabilities and control deficiencies
• Partner with stakeholders to establish sustainable remediation plans
• Identify risks associated with control failures and recommend mitigating controls
• Ensure control documentation is updated to reflect the current control environment
• Support Compliance leadership as needed

Required Experience

• BA/BS in Computer Science, Business, or equivalent experience
• Minimum 3 years of general IT experience, including IT security or IT risk management
• Experience using Excel worksheets, workbooks, and formulas
• Experience managing multiple projects with conflicting priorities
• At least one current and valid certification from: CCNA, CISA, CRISC, CIA, or CISSP

Nice-to-Have Experience

• Utility industry experience
• Big 4 experience
• Experience with Sarbanes-Oxley (SOX) compliance
• Experience with NIST SP800-53 security controls

Required Skills

• Deep understanding of security frameworks and IT assessment processes
• General computing controls (GCC) knowledge
• Risk identification and control gap analysis

Preferred Skills

• Knowledge of COBIT and ITIL frameworks
• Regulatory standards (SOX, NERC/CIP) expertise
• Strong planning and project management skills
• Multi-project management capability
• Detail-oriented and analytical mindset

Additional Skills

• Understanding of application, database, network, and systems security
• Ability to interpret audit evidence and documentation
• Strong oral and written communication skills
• Ability to work independently in a fast-paced environment
• Collaboration with control owners and stakeholders

Working Conditions

• Local candidates only (Oakland area)
• Hybrid role with monthly onsite requirement (adjusted as needed)
• Client laptop provided (temporary use of personal laptop via Citrix if delayed)

Benefits

• Medical, Vision, and Dental Insurance Plans
• 401k Retirement Fund

About GTT