Qualifications Required Education:
Apply for this job
Bachelor's Degree or equivalent Discipline relevant to Information Security or equivalent combination of education and experience.
Discipline relevant to Information Security or Engineering Required Experience:
10 years of experience supporting cybersecurity risk and controls management programs with familiarity with cybersecurity frameworks including but not limited to ISO 27001, PCI-DSS, SOC, NIST CSF and regulatory requirements and compliance practices. Experience collaborating closely with security partners, including incident response, architects, and engineers to support and seamlessly incorporate cybersecurity controls and risk management processes into their day-to-day operations.
10 years of experience with Governance, Risk, and Compliance (GRC) technologies such as RSA Archer, ServiceNow, etc. Working knowledge in Cloud Security assessments, systems, tools, and web application reviews including Secure SDLC life cycle assessments. Working knowledge of enterprise infrastructure and application monitoring tools.
Required Skills, Knowledge and Abilities:
In-depth knowledge of foundational security controls and information security best practices, Ability to understand the implications of new information for both current and future problem-solving and decision-making. Must possess strong interpersonal, critical, analytical, organizational, written, and verbal communication skills to clearly communicate information and security concepts to non-technical audiences. Demonstrate reliability, responsibility, and dependability to fulfill job requirements.
Preferred Skills, Knowledge and Abilities:
Knowledge of enterprise infrastructure and application monitoring tools. Working knowledge of network systems, security principles, applications, and risk and compliance initiatives. Knowledge to bring clarity to projects by digging into documentation and asking the right questions to the right people.