Vacancy expired!
- Strong understanding of tech security controls and control frameworks
- Cloud Risk Assessment- familiarity
- Contributes to successful implementation of security into new/enhanced systems to meet scope, schedule, and budget.
- Recommends risk-based prioritization for security within technology roadmaps.
- Scope the assessment of risks and the execution of plans to mitigate the risks.
- Proactively provides expert knowledge of industry trends and technologies as it relates to specific opportunities where security can enhance value to the business and/or addresses a specific business need.
- Contributes to technology risk-based investment planning through risk-integration with BTLs.
- Identifies risk opportunities to make IT and business processes more effective and efficient.
- May direct the implementation of improvement (mitigation) initiatives.
- Drive compliance to standards/regulations and governance processes as it relates to the line of business.
- Overall operations arm of the risk management function.
- Develops and operates enterprise technology risk dashboard.
- Analyzes supply & demand and for all risk assessment activities to develop schedule with A&V team.
- Accountable for development of security business (quality) requirements.
- Acts as a liaison to operations and CTO to drive improvement based on patterns.
- Drafts risk exception reporting, where applicable.
- Works with Risk Advisory team to develop mitigation plans.
- Establishes and maintains security metrics.
- Manages and accountable for the development of the risk scenario library.
- Supply and demand forecast.
- Security requirements
- Overall risk assessment master schedule.
- Reporting standards and templates.
- Risk mitigation plans and Security metrics.
- Excellent planning, organizational and project management skills; detail and process-oriented; able to juggle multiple priorities in a fast-paced environment
- Understanding of information security concepts and strategy
- Understands information security holistically and how it relates to business goals
- Understanding of risk assessment and risk analysis frameworks
- Outstanding problem-solving/decision making ability
- Excellent written and verbal communication skills, able to explain complex issues in clear and concise terms
- First class documentation skills
- Exceptional interpersonal skills, including teamwork, facilitation and negotiation
- Highly collaborative, able to work cross-functionally; possessing the ability to forge relationships and partner effectively
- Demonstrated strategic planning and road mapping ability
- Strong leadership skills; able to manage, mentor and motivate
- Resourceful and self-motivated, able to work independently when required
- Credible and persuasive; able to present often complex information in an accessible fashion to a non-technical audience
- Experience with enterprise security in a complex, multi-platform environment including SCADA and other complex technology platforms
- Experience with regulatory requirements (Nerc-CIP, SOX, FCC, SB 1386/1746, etc.)
- B.A./B.S. degree or equivalent work experience in computer science, business administration or other relevant field required.
- Minimum of 4 years of relevant technical experience
- Minimum of 2 years of leading a team in an IT function
- CISSP certification, or ability to obtain via self-study within one year of date of hire, other relevant IT or security certifications.
- Utility Experience
Vacancy expired!