Cyber Security Risk Advisor

Full Job Description

Responsibilities:

  • Conducts complex cyber intelligence analysis and awareness through collaboration with other internal experts and trusted outside organizations
  • Performs threat analysis utilizing a combination of standard intelligence methods and business processes to uncover advanced threat actors
  • Designs an innovative threat and security incident management solution
  • Creates technical assessments and cyber threat profiles of current events on the basis of inventive collection and research using classified and open information sources to enable advanced threat intelligence
  • Develops and maintains analytical procedures to meet changing requirements and enable more strategic detections
  • Utilizes threat messaging, models, analyses, presentations, or recommendations to convey complicated technical or behavioral analysis to senior management
  • Participates in a coverage model to prevent and remediate security threats against the organization
  • Stays abreast of innovative business and technology trends in IT security, risk, and controls
  • Advises leadership on technology initiatives that support the latest trends in IT security, risk, and controls
  • Ensures effective execution of the risk management framework by managing relationships with key stakeholders within strategic business groups and technology
  • Responsible for conducting deep dives on IT security-related processes and systems
  • Verifies that IT risks are appropriately mitigated and leads multiple stakeholders in agreement on appropriate solutions/controls
  • Responsible for identifying applicable regulatory risks from changes or additions to regulatory guidance and requirements
  • Provides expertise for resolution and risk mitigation.
  • Develops, tracks, and reports on Key Risk Indicators (KRIs) for information technology
  • Monitors, tracks, and reports mitigation and resolution of IT risks
  • Performs process-level walkthroughs, control testing, etc. for the identification and assessment of IT risks and controls
  • Effectively communicates key risks, findings, and recommendations for improvement to key stakeholders.

Qualifications:

  • One or more of the following professional certifications: CISA, CISM, CEH, CISSP, or SANS or equivalent course experience with our partners
  • 5+ years of experience in your relevant GRC focus area.
  • You have experience in security risk management, controls assessment, or configuration management as appropriate for your area of GRC expertise.
  • You have general knowledge across all of GRC, with focused expertise in your area.
  • You have worked with both business and technical risk and understand how to translate between the two and communicate to various levels of technical and business management.
  • Experience with regulatory compliance audits such as SOC 2, ISO and PCI DSS
  • Detailed understanding of network security, identity and access management concepts, and security certification reports
  • Demonstrated ability to successfully handle client-facing engagements
  • Experience managing risk in a global enterprise

 

Job Type: Full-time

To apply for this job email your details to recruit@cysecon.com
