1. 60 months experience evaluating information security and compliance for Information Technology systems and/or Operational Technology systems. 2. 60 months experience conducting written risk and/or security assessments using industry standards such as NIST, CIS Critical Controls, ISO 27001, etc. 3. 48 months experience triaging and determining mitigation plans (with and without Vendor) to resolve security risks and/or threats to business information systems and operational technology systems 4. 48 months experience evaluating business systems (Commercial Off the Shelf and Custom Developed) for alignment with Information Technology and/or Operational Technology security policies, standards, laws, regulations, and industry best practices. 5. 36 months experience in evaluating security controls for cloud environments 6. 36 months experience working with cross functional teams to mitigate or remediate system and application vulnerabilities 7. Bachelors Degree in one or more of the following: Information Security, Information Assurance, Cybersecurity, Computer Science, Information Science, Information System Management, Digital Forensics, Compliance and Risk Management 8. One or more of the following certifications: GICSP, GSEC, CISSP, CCSP, CCSK, CompTIA Cloud+, GCSA, CompTIA Network+, CompTIA Security+, CompTIA CySA+, CompTIA CASP+, CISSP, CRISC, ISSAP, ISSEP, CGRC, CSSLP, SSCP, or other applicable information and/or cybersecurity certifications