It Security Engineer Iii

Detalles de la oferta

**Position Summary**:
As a member of the Corporate Infrastructure and Security - Risk & Assessments team, the Security Engineer is responsible for:

- Providing key input and assistance in the development and implementation of a global cybersecurity risk management program
- Maintaining and executing the risk management policy throughout the entire risk lifecycle
- Executing various risk analysis processes within the team including intake and analysis of reported risks, risk management, and ensuring teams are properly managing plans to reduce or eliminate risk
- Ensure consistency of security practice and standards across the organization
- Conduct Information Security assessments including and documenting controls, identifying potential gaps and or inconsistencies and making sound recommendations for improvement and/or migration
- Collaborate on the technical definitions and oversee implementation of security controls and requirements for systems, infrastructure and solutions
- Provide consultative advice ensuring security design for systems aligns with business needs and the company's security posture
- Cultivate and maintain strong working relationships with IT teams, Legal, Privacy, and Internal Audit.

This position will be part of a team that will be responsible for driving visibility and have understanding of information security risk management to contribute and influence strategic decision making across the enterprise.

**Risk Key Responsibilities**:

- Intake and analysis of identified cyber security issues and risks from a variety of sources including security assessments, compliance checks, automated vulnerability systems, and other internally or externally reported risks.
- Complete analyses and reports to develop a comprehensive view of risk across the company.
- Assist and track for accurate risk measurement and response activities, provide necessary information and analysis to help business leaders prioritize risks
- Review and track action plans developed by risk owners and ensure plans are completed appropriately
- Perform ad-hoc risk analysis as assigned
- Review and advise on internal security capabilities in the context of negotiations with customers or auditors.
- Perform other duties as assigned.

**Minimum Requirements/Qualifications**:

- 5+ years' experience in risk analysis, information risk management,, data privacy, information technology, or equivalent with exposure to cybersecurity and/or information security risk.
- Bachelor's Degree in Risk Management, Information Assurance, Information Security, Cybersecurity, IT, Law or Data Privacy or equivalent work experience.
- Experience with risk analysis.
- Ability to explain complex risk management topics to a broad audience
- Understanding of relevant industry frameworks such as ISO 27001 series, NIST 800-53, FISMA and others
- General understanding of cybersecurity technologies and controls with the ability to bridge the gap between governance and technical concepts
- Excellent writing skills, with experience as a writer or technical editor is considered a plus
- Demonstrated ability to complete work with mínimal direction and self-identify tasks
- Excellent written and oral communication skills with experience presenting to senior leadership
- Strong interpersonal, organizational, and excellent documentation skills
- Excellent customer service skills
- Relevant certifications such as CRISC, CISSP or CISA are considered a plus
- Experience of various risk management frameworks such as the NIST Risk Management Framework or Center for Internet Security Risk Assessment Methodology will be considered plus.

**Non-Negotiable Hiring Criteria**:

- Customer service mindset
- Strong attention to detail, organizational skills, time management
- Excellent verbal and written communication skills
- Ability to take direction and independently work through projects as required


Salario Nominal: A convenir

Fuente: Whatjobs_Ppc

Requisitos

Software Qa Analyst

**#ChangeMakers** **Ready to make an impact?** We develop, manufacture, and supply dental implants, clear aligners, instruments, CADCAM prosthetics and bio...


Straumann Group - Heredia

Publicado a month ago

Senior Unix Systems Administrator

Full-time Employee Status: Regular Role Type: Home Department: Information Technology & Systems Schedule: Full Time Shift: Day Shift **Company Descript...


Experian - Heredia

Publicado a month ago

Technical Account Manager

Full-time Employee Status: Regular Role Type: Hybrid Department: Customer Service Schedule: Full Time **Company Description**: **About us, but we'll be ...


Experian - Heredia

Publicado a month ago

Senior Unix Systems Administrator

**Company Description** Experian is the world's leading global information services company. During life's big moments - from buying a home or a car, to send...


Experian - Heredia

Publicado a month ago

Built at: 2024-11-23T11:33:16.985Z