A position at White Cap isn’t your ordinary job. You’ll work in an exciting and diverse environment, meet interesting people, and have a variety of career opportunities.

The White Cap family is committed to Building Trust on Every Job. We do this by being deeply knowledgeable, fully capable, and always dependable, and our associates are the driving force behind this commitment.

Job Summary

Responsible for providing expertise in implementing and maintaining cybersecurity risk frameworks, including NIST CSF ( National Institute of Standards and Technology Cybersecurity Framework) and NIST RMF (National Institute of Standards and Technology Risk Management Framework). Assess, review, and help identify areas where security controls do not exist currently.

Major Tasks, Responsibilities and Key Accountabilities

• Conduct thorough and regular risk assessments to identify and evaluate potential threats and vulnerabilities related to critical infrastructure. Develop and maintain cyber risk-based statements and scenarios to enhance risk register capabilities.

• Identify, track, and report on Cyber Key Risk Indicators.

• Collaborate with cross-functional teams to ensure the integration of security measures into organizational processes and systems.

• Stay updated on emerging cyber threats and industry best practices to enhance risk mitigation strategies. Conduct threat intelligence monitoring and reporting as needed.

• Lead the implementation of comprehensive cyber risk management strategies and risk monitoring.

• Perform annual assessments of operating system security baselines.

Nature and Scope

• Identifies key barriers/core problems and applies problem-solving skills in order to deal creatively with complex situations. Troubleshoots and resolves complex problems. Makes decisions under conditions of uncertainty, sometimes with incomplete information, that produce effective end results.

• Independently performs assignments with instruction limited to the expected results. Determines and develops an approach to solutions. Receives technical guidance only on unusual or complex problems or issues.

• May oversee the completion of projects and assignments, including planning, assigning, monitoring and reviewing progress and accuracy of work, evaluating results, etc. Contributes to employees' professional development but does not have hiring or firing authority.

Work Environment

• Located in a comfortable indoor area. Any unpleasant conditions would be infrequent and not objectionable.

• Most of the time is spent sitting in a comfortable position and there is frequent opportunity to move about. On rare occasions, there may be a need to move or lift light articles.

• Typically requires overnight travel less than 10% of the time.

Education and Experience

• Typically requires BS/BA in a related discipline. Generally 5-8 years of experience in a related field OR MS/MA and generally 3-5 years of experience in a related field. Certification is required in some areas.

Preferred Qualifications

• 100% remote.

• 5+ years’ experience in cybersecurity conducting risk assessments, identifying security gaps, and recommending mitigation strategies - REQUIRED.

• Strong analytical and problem-solving skills, with the ability to communicate complex technical issues to senior IT leaders and non-technical stakeholders - REQUIRED.

• In-depth knowledge of NIST CSF and RMF, with a strong ability to apply these frameworks to organizational security practices.

• Relevant certifications, such as CRISC, CGRC, or CISSP.

• In-depth knowledge of operating systems and security baselines (e.g. CIS)

#LI-SH1

#LI-Remote

If you’re looking to play a role in building America, consider one of our open opportunities. We can’t wait to meet you.

Functional Area Information Technology

Recruiter Haynes, Steven

Req ID WCJR-017918

White Cap is an Equal Opportunity Minority/Female/Individuals with Disabilities/Protected Veteran and Affirmative Action Employer. White Cap considers for employment and hires qualified candidates without regard to age, race, religion, color, sex, sexual orientation, gender, gender identity, national origin, ancestry, citizenship, protected veteran or disability status or any factor prohibited by law.