Full Job Description
Responsibilities:
- Conducts complex cyber intelligence analysis and awareness through collaboration with other internal experts and trusted outside organizations
- Performs threat analysis utilizing a combination of standard intelligence methods and business processes to uncover advanced threat actors
- Designs an innovative threat and security incident management solution
- Creates technical assessments and cyber threat profiles of current events on the basis of inventive collection and research using classified and open information sources to enables advanced threat intelligence
- Develops and maintains analytical procedures to meet changing requirements and enable more strategic detections
- Utilizes threat messaging, models, analyses, presentations, or recommendations to convey complicated technical or behavioral analysis to senior management
- Participates in a coverage model to prevent and remediate security threats against the organization
- Stays abreast of innovative business and technology trends in IT security, risk, and controls
- Advices leadership on technology initiatives that support latest trends in IT security, risk and controls
- Ensures effective execution of the risk management framework by managing relationships with key stakeholders within strategic business groups and technology
- Responsible for conducting deep dives on IT security-related processes and systems
- Verifies that IT risks are appropriately mitigated and leads multiple stakeholders in agreement on appropriate solutions/controls
- Responsible for identifying applicable regulatory risks from changes or additions to regulatory guidance and requirements
- Provides expertise for resolution and risk mitigation.
- Develops, tracks, and reports on Key Risk Indicators (KRIs) for information technology
- Monitors, tracks, and reports mitigation and resolution of IT risks
- Performs process-level walkthroughs, control testing, etc. for the identification and assessment of IT risks and controls
- Effectively communicate key risks, findings, and recommendations for improvement with key stakeholders.
Qualifications:
- One or more of the following professional certifications: CISA, CISM, CEH, CISSP, or SANS or equivalent course experience with our partners
- 5+ years of experience in your relevant GRC focus area.
- You have experience in security risk management, controls assessment, or configuration management as appropriate for your area of GRC expertise.
- You have general knowledge across all of GRC, with focused expertise in your area.
- You have worked with both business and technical risk and understand how to translate between the two and communicate to various levels of technical and business management.
- Experience with regulatory compliance audits such as SOC 2, ISO and PCI DSS
- Detailed understanding of network security, identity and access management concepts, security certification reports
- Demonstrated ability to successfully handle client-facing engagements
- Experience managing risk in a global enterprise
Job Type: Full-time
Responsibilities:
- Conducts complex cyber intelligence analysis and awareness through collaboration with other internal experts and trusted outside organizations
- Performs threat analysis utilizing a combination of standard intelligence methods and business processes to uncover advanced threat actors
- Designs an innovative threat and security incident management solution
- Creates technical assessments and cyber threat profiles of current events on the basis of inventive collection and research using classified and open information sources to enables advanced threat intelligence
- Develops and maintains analytical procedures to meet changing requirements and enable more strategic detections
- Utilizes threat messaging, models, analyses, presentations, or recommendations to convey complicated technical or behavioral analysis to senior management
- Participates in a coverage model to prevent and remediate security threats against the organization
- Stays abreast of innovative business and technology trends in IT security, risk, and controls
- Advices leadership on technology initiatives that support latest trends in IT security, risk and controls
- Ensures effective execution of the risk management framework by managing relationships with key stakeholders within strategic business groups and technology
- Responsible for conducting deep dives on IT security-related processes and systems
- Verifies that IT risks are appropriately mitigated and leads multiple stakeholders in agreement on appropriate solutions/controls
- Responsible for identifying applicable regulatory risks from changes or additions to regulatory guidance and requirements
- Provides expertise for resolution and risk mitigation.
- Develops, tracks, and reports on Key Risk Indicators (KRIs) for information technology
- Monitors, tracks, and reports mitigation and resolution of IT risks
- Performs process-level walkthroughs, control testing, etc. for the identification and assessment of IT risks and controls
- Effectively communicate key risks, findings, and recommendations for improvement with key stakeholders.
Qualifications:
- One or more of the following professional certifications: CISA, CISM, CEH, CISSP, or SANS or equivalent course experience with our partners
- 5+ years of experience in your relevant GRC focus area.
- You have experience in security risk management, controls assessment, or configuration management as appropriate for your area of GRC expertise.
- You have general knowledge across all of GRC, with focused expertise in your area.
- You have worked with both business and technical risk and understand how to translate between the two and communicate to various levels of technical and business management.
- Experience with regulatory compliance audits such as SOC 2, ISO and PCI DSS
- Detailed understanding of network security, identity and access management concepts, security certification reports
- Demonstrated ability to successfully handle client-facing engagements
- Experience managing risk in a global enterprise
Job Type: Full-time
To apply for this job email your details to recruit@cysecon.com