Lead Cybersecurity Risk Assessor

Title: Lead Cybersecurity Risk Assessor (NIST / State Government)

Location: Remote with Travel Throughout Florida

Tagged:  Cyber Security, Project Based

Employment Type: Contract / Project-Based

Position Summary

We are seeking a Lead Cybersecurity Risk Assessor to support a large-scale public-sector cybersecurity assessment initiative involving multiple government entities across the State of Florida.

The selected professional will serve as the technical lead responsible for planning, conducting, and overseeing enterprise cybersecurity risk assessments aligned with NIST SP 800-30, NIST SP 800-53 Rev. 5, and cybersecurity governance frameworks. This individual will lead assessment teams, conduct executive-level interviews, evaluate organizational controls, identify security risks, and develop strategic remediation recommendations.

Candidates must possess substantial experience leading cybersecurity assessments within government, education, healthcare, or highly regulated environments.

Key Responsibilities

• Lead cybersecurity risk assessments across multiple organizations and locations.
• Evaluate administrative, technical, and operational security controls.
• Conduct executive interviews and stakeholder workshops.
• Review cybersecurity policies, standards, procedures, and governance frameworks.
• Perform risk identification, threat analysis, vulnerability assessments, and risk scoring.
• Map findings to NIST Cybersecurity Framework and NIST 800-53 control families.
• Develop remediation strategies, implementation roadmaps, and risk mitigation plans.
• Prepare executive briefings, technical reports, and risk assessment documentation.
• Provide quality assurance oversight for assessment teams and project deliverables.

Required Qualifications

• Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or related field.
• 10+ years of cybersecurity, risk management, or information assurance experience.
• 7+ years leading enterprise cybersecurity assessments.
• Demonstrated experience with NIST SP 800-30 and NIST SP 800-53.
• Experience supporting state government, federal government, education, or public-sector organizations.
• Strong report-writing and executive presentation skills.

Preferred Certifications

• CISSP
• CISA
• CRISC
• CISM
• CGEIT

Candidates must be able to provide:

• Detailed resume.
• Descriptions of comparable cybersecurity assessment projects.
• Scope, size, and complexity metrics for prior engagements.
• Client references where permissible.
• Examples of risk assessment methodologies utilized.
• Evidence of participation in NIST-based assessment initiatives.

Preferred Experience

• Statewide cybersecurity assessment programs.
• Education sector cybersecurity initiatives.
• Government audit and compliance reviews.
• Multi-site assessments involving 20+ locations.
• Executive-level risk reporting and remediation planning.

Job # 3714