Security Governance - Remote / Telecommute - Cynet Systems : Job Details

Security Governance - Remote / Telecommute

Cynet Systems

Job Location : all cities, AK, USA

Posted on : 2025-01-17T09:07:43Z

Job Description:
Pay Range 93hr - $97hr
Responsibilities:
  • Support the GRC operating model and the service-oriented customer engagement model.
  • Support GRC capabilities, such as enterprise security risk management, compliance and audit management, policy management, security awareness training, third party risk management, and metrics and reporting.
  • Assist in managing security compliance programs and activities that support various compliance regulations.
  • Perform risk assessments that address security threats, changes to systems and/or applications, process improvement initiatives, supplier assessments (including downstream outsourcers) and other requests from the business.
  • Collaborate with various operational and business teams to complete assessments and drive remediation items to closure.
  • Maintain accurate reporting of remediation activities to bring appropriate visibility to stakeholders and leadership.
  • Monitor the security risk profiles and events of our suppliers to objectively determine high risk suppliers that require additional review and treatment plans.
  • Establish and maintain security metrics and reporting.
  • Respond to customer security/compliance questionnaires.
  • Act as security risk management ambassador to internal customers.
  • Support the development of automation activities.
Accountable for:
  • The use of defined risk methodologies and best practices to perform IT/Security assessments. Responsible for the planning, scoping, tracking, and execution of these assessments.
  • Driving remediation activities from identification, remediation plan and closure. Hold owners accountable to delivery of remediation solution within the agreed upon/reasonable SLA.
  • Operations and improvements of security audit and compliance programs to support various compliance regulations.
  • Operationalization of a metrics and reporting function to continually report on meaningful security, risk, and compliance metrics for operational and executive management.
  • Support the automation of KRIs and KPI reporting that align with operational/business risk areas and corporate risk.
Qualifications:
  • Candidate must have 4+ years working in governance, risk, and compliance and/or information security and risk management.
  • Functional knowledge of the CISSP security domains and information security industry standard and best practices.
  • Functional knowledge of applicable security regulatory requirements (SOX, GDPR).
  • Functional knowledge of ISMS governance models (i.e. ISO 27001, NIST, CAIQ), information security roles, security controls.
  • Functional knowledge of common security certifications (i.e. ISO 27001, SOC1, SOC2, Web Trust) and ability to glean significance from findings identified in these reports.
  • Ability to communicate risk methodologies and concepts to business units and IT teams.
  • Demonstrated experience with controls definition, development, implementation, and assessment.
  • Strong interpersonal skills and ability to work effectively with diverse and distributed teams.
  • Strong attention to detail, project management and organizational skills.
  • Self-starter with the ability to effectively manage independent workloads asynchronously with stakeholders across multiple time zones.