NIST CSF Remediation and Assessment Support Job at California Creative Solutions Inc., Los Angeles, CA

QjRxUnJXbE5BejZNUmZjakRCYmF4azQ9
  • California Creative Solutions Inc.
  • Los Angeles, CA

Job Description

Project Scope:

The Los Angeles Unified School District (LAUSD) seeks qualified proposers to provide NIST CSF Remediation and Assessment Support. The Contractor shall provide resource(s) with the technical skills and personal leadership to perform all related services. LAUSD intends to use the results of this solicitation process to award a work order to the responsive and responsible proposer. The proposed work order will require one (1) resource working hybrid; onsite work will be at LAUSD Beaudry HQ and Soto Office .

Roles/Responsibilities:

The District seeks a firm that will perform the required work closely collaborating with LAUSD project team members and will perform the responsibilities below:

Policy Development

  • Review existing LAUSD cybersecurity policies, procedures, standards, risk assessments, and other related compliance documents.
  • Identify current IT Security policy gaps against NIST CSF 2.0 and assist in developing policies, procedures, standards, and other compliance documents to address those gaps

NIST Alignment

  • Meet with key stakeholders.
  • Define scope, priorities, and resource needs.
  • Review the 2024 NIST Gap Assessment results.
  • Revalidate gaps to confirm current state and material changes.
  • Map all gaps to the appropriate NIST CSF categories and/or NIST 800-53 controls.
  • Prioritize gaps based on risk, regulatory impact, and operational dependency.
  • Develop remediation plans, including resource needs, timelines, and responsible parties.

NIST Assessment

  • Interview key personnel from IT, security, compliance, and business units.
  • Validate documentation with observed processes and supporting evidence.
  • Rate each NIST CSF Category/Subcategory using a maturity model (e.g., 1 5 scale: Partial to Adaptive).
  • Compare 2025 maturity levels to previous years to identify progress or regression.

Maturity Assessment against NIST CSF 2.0

  • Create and deliver a comprehensive assessment report including: o Executive summary
  • Maturity scorecard
  • Identified gaps and risks
  • Remediation recommendations and risk prioritization
  • Present findings in an executive-level briefing.

Mandatory Skills:

  1. Five years of experience performing assessments, alignments, and policy development with the NIST Cybersecurity Framework (CSF) across all departments, systems, and third-party interfaces.
  2. Five years of experience with conducting state assessment, target profile development, Gap analysis and Implementation roadmap with control mappings to various processes. Demonstrated expertise with Framework integration with Enterprise Risk Management (ERM), Identity and Access Management (IAM) and Cloud security controls. Ensure interoperability with compliance (HIPAA, COPPA, FERPA, CIIPA, GDPR, etc.)
  3. Experience in establishing the Metrics and Continuous Monitoring providing dashboard for dashboards for executive visibility (CISO, CIO, board), planning regular maturity assessment and establishing metrics for each CSF function and subcategory.
  4. Experience in governance and program design
  5. Experience in NIST CSF framework integration
  6. Experience in technology alignment with NIST CSF
  7. Experience in establishing metrics and executive dashboard creation.
  8. Experience with compliance and audit requirements
  9. Experience with understanding larger systems and their dependencies.
  10. Experience with developing governance framework documents, SOPs and policies.

Job Tags

For contractors, Work at office,

Similar Jobs

Orpheus, Inc.

Full Stack Web Developer Job at Orpheus, Inc.

 ...Orpheus, Inc. is a team of passionate and experienced web designers, web developers, graphic designers, and marketing strategists that want nothing...  ...match ~14 paid holidays and 2 weeks PTO a year ~ Remote work opportunities after probationary period at manager's... 

BRIA

Weekend Warrior Registered Nurse (RN) Job at BRIA

 ...rehabilitation centers offer a compassionate care environment, empowering you. ...Because there is a better way. Weekend Warrior Registered Nurse (RN) Benefits: ~ PTO package and paid holidays ~ Growth from within ~ Employee rewards program ~ Sign-on bonus... 

Stonehenge Staffing, LLC

Microsoft Dynamics 365 CRM Developer Job at Stonehenge Staffing, LLC

 ...Microsoft Dynamics 365 CRM Developer About the Role We are is seeking a talented Microsoft Dynamics 365 CRM Developer to join our innovative team. In this role, you will contribute to the design, development, and implementation of advanced CRM solutions that drive... 

Robert Half

Technical Writer Job at Robert Half

 ...Job Title: Technical Writer Data Analytics & Reporting Location: Orlando, FL (Onsite MondayThursday, Remote on Fridays) Reports to: Manager, Technology Data Analytics & Reporting About the Team We are responsible for shaping the end-to-end digital and... 

Netafim Irrigation Inc

Health, Safety & Environmental/Personnel Coordinator Job at Netafim Irrigation Inc

 ...Personnel professional to join our team. As the Health, Safety & Environmental/Personnel Coordinator you will have ownership of systems,...  ...partnership with the People Team. Ensures compliance with corporate policy, fair employment practices and applicable government...