You will expertly guide and provide answers and solutions to questions related to cybersecurity and cyber risk. It is expected that this position will provide expertise, influence, and consultation within and outside the company Cybersecurity Organization. You will also build and maintain strong relationships across the enterprise to implement appropriate controls to protect data, products and operations and will lead annual and cyclical cybersecurity policy and procedures assessments and enhancements.
Review the effective operation of established security controls and make recommendations for improvements as appropriate
Act as a primary point of contact, respond to requests from internal and external auditors with evidence of the effective operation of relevant Cybersecurity Controls (e.g. PII, NPI, CSA, SOX, etc.)
Promote awareness of Cybersecurity policies, tools, methodologies and best practices
Direct the conduct of Cybersecurity risk assessments, and report the results to senior management
Manage the development and implementation of Cybersecurity risk policy, standards, guidelines and procedures to ensure ongoing maintenance of security
Apply subject matter expertise and judgment on risk evaluation, risk assessments and risk mitigations for Cybersecurity, IT and Business Unit projects
Responsible for bringing Cybersecurity decisions to closure and building consensus through collaboration within Cyber, IT, Business Unit colleagues and project team members
Ensure that all Cybersecurity risk and control gaps are clearly documented and work with project teams to develop remediation plans to address issues
Ensure IT and company business teams adhere to Cybersecurity policies and standards
Serve as a Project Manager for critical Cybersecurity initiatives
Strong understanding of Security Architecture and Design, Information Security Standards and Technical Security Risk Assessment methodologies
Experience with cloud (IaaS, SaaS)
Current security certification (e.g. CISSP, CISA, CRISC) is a PLUS
Practical experience with designing, implementing and administering cybersecurity risk programs within mid to large-sized organizations
Experience in accommodating changing security requirements within a high-growth business environment, and advising decision makers on risk management issues
Good knowledge of threat modeling methods and techniques to improve security posture enterprise-wide
Ability to provide clear and concise policy, direction and expert knowledge when queried by business on several cybersecurity issues and areas
The company is an equal opportunity employer and will consider all applications without regards to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.
OpenArc is a technology consulting firm providing industry-leading technical talent placement, software development, and technology strategy services to clients nationwide. Through a unique blending of people and software, OpenArc has a business practice that delivers amazing enterprise, mobile and consumer-facing apps and the best talent for contract, contract-to-hire and direct placements for clients and partners alike.
Staffed with the most-trusted recruiting experts, elite software developers, UI/UX designers and market experts, our team provides clients with the best resources, the right techniques and world-class support resulting in powerful measurable success.