Job Details

ID #46445626
State Maryland
City Salisbury
Job type Permanent
Salary USD TBD TBD
Source Gables Search Group
Showed 2022-10-14
Date 2022-10-13
Deadline 2022-12-11
Category Et cetera

Sr. Cybersecurity Risk Analyst

Maryland, Salisbury, 21801 Salisbury USA

Vacancy expired!

This is an on-site position in Salisbury, MD. It is NOT a remote position. It comes with a comprehensive relocation package.

Responsibilities: This position will actively contribute to the on-going maturation of the company's information security program through executing security assessments, guiding secure technology implementations, and mitigating cyber risk. Specific responsibilities include:
  • Create and maintain partnering relationships with business leaders and managers to advise on cybersecurity requirements for project implementation and execution.
  • Manage and guide IT and business areas on technical remediation stemming from vulnerability assessments, pen tests, application security assessments, audits, etc., providing prioritized remediation efforts.
  • Provide input into cybersecurity strategies and plans based on evolving technology risk and business initiatives stemming from security assessments and industry requirements.
  • Lead cybersecurity projects for identifying and mitigating risk (maturity assessment, cyber controls assessment, PCI-DSS, HIPAA, etc.) as needed.
  • Assess the security of third-party solutions and supplier integrations; recommend appropriate security controls and contractual language.
  • Track, measure, validate, and report on risk identification, acceptances, and remediation efforts.
  • Maintain information security policies and standards to support the on-going protection and security requirements for the organization.
  • Support CSIRT and cybersecurity operations teams during tabletop exercises, incident response, legal requests, and internal investigations as needed based on aligned business/IT areas.

Requirements: A Bachelor's degree in Information Systems, Cyber Security, Computer Science or a related discipline is preferred; however, equivalent years of experience may be considered in lieu of educational requirements. Specific requirements include:
  • A minimum of seven (7) years of Information Technology experience, with at least three (3) years within Information Security (more without a degree).
  • Technical or cybersecurity background (e.g. security operations, security engineering) that can effectively lead and advise on cybersecurity implementation, assessments, and cyber risk reduction strategies for IT and business initiatives.
  • Previous experience in one of the following domains: cybersecurity operations, architecture, or engineering.
  • Experience engaging vendors and consultants to execute cyber assessments.
  • Working knowledge of industry control frameworks and standards: NIST CSF, CIS, OWASP, and MITRE ATT&CK.
  • Proficiency in information security domains, including risk and control assessments, policies and standards, secure systems development lifecycle, regulatory compliance, access controls, incident management, vulnerability management, and data protection.
  • Understanding of cyber security threat modeling, risk management concepts, cyber security frameworks, secure coding principles, and security technologies.
  • One of the following certifications is preferred but not required: CISSP, CISM, CRISC, GSEC, GCIH, Security+.
  • Experience with one or more of the following industry regulations: PCI-DSS, HIPAA, DHS-CFATS.
