Must Have Technical/Functional Skills
New JD requirement:
Security Consultant
The hiring manager has shared the following details:
· The manager is looking for candidates with relevant experience in GRC audit and risk
assessment.
· Ideal experience: 2–4 years in that domain.
· Extensive experience in incident management is not required.
Role expectations: 60% – Incident Life Cycle Management, 20% – Risk Assessment and
Management across all suppliers and 20% – Audit Assessment,
Additionally, a manufacturing industry background would be preferred.
Cyber Security assessment Analyst conducts and supports the cyber security controls risk
assessment and management process across all our suppliers. Responsibilities include assessing our suppliers’ current adequacy of the security controls & strategy, business continuity /disaster recovery plans, threats to the systems, and then calculating the impact of potential adverse events. Audits and assessments must be continual, as the threat profiles change constantly. The Analyst will keep executive management up to date on the results of the risk assessment and make recommendations for mitigations, or projects, to protect supplier and customer systems
Roles & Responsibilities
• Demonstrate strong knowledge in IT controls, risk assessments, and assessment of security
measures
• Identify opportunities to continuously innovate and improve the program and value delivered to
organization
• Ensure successful completion of the annual supplier cyber security assessments
• Independently and proactively plans and performs assigned audit engagements related to security,
confidentiality, integrity, information protection and availability of data
• Conduct cyber security assessments & evaluate in alignment to the supplier security control
framework
• Ensure effectiveness of approved controls and drive risk remediations or changes from previous audit
for existing certified suppliers
• Inform and advise business leaders on supplier’s information security risks
• Provide subject matter expertise in third-party risk management.
• Proactively research and work in enhancing improvements to our existing process related to
documentation and security assessments.
• Automate security assessment processes & tools to review the security controls for cloud-based
applications
• Ability to multi-task and manage multiple global projects at the same time.
• Ability to work collaboratively across diverse team in a matrix type organization
• Bachelor’s degree in Science & Engineering or technical discipline is required.
• 7 years of information security & assessment experience with increased responsibilities
• In-depth knowledge of security assessment/audit principles
• Understanding of networking principles and data protection
• Ability to identify problems, analyze data and present conclusions
• Strong verbal, written and presentations skills
• Knowledge of information security frameworks such as ISO 27001 /NIST CSF is preferred
• Experience in supply chain cyber assessment and related tools usage is preferred
• CISA, CISM, certifications are preferred
• Excellent communication skills.
• Able to work as part of a virtual global team with cultural, language, and time zone differences.
• Able to deal with ambiguity and work independently with minimal supervision/guidance.
Education and Requirements Qualifications:
Bachelor’s degree in Science & Engineering or technical discipline is required.
8 years of specializing in end-to-end incident lifecycle management including detection, triage, recovery, root cause analysis
Proven expertise in coordinating cross-functional response teams, optimizing playbooks and maturing incident management processes aligned to NIST, ISO and MITRE ATT&CK
Knowledge of NIST 800-61, MITRE ATTA&CK, ISO 27001, CIS Controls
7 years of information security & assessment experience with increased responsibilities
In-depth knowledge of security assessment/audit principles
TCS Employee Benefits Summary:
...to deliver care to specific populations. Expectation is for the Nurse Trainee to transition into a Certified Nurse Aid role once... ...to accept non-routine work assignments as appropriate. # Is authorized to access secured storage areas in the performance of essential...
...detail-oriented and collaborative Assessment Data Domain Manager to play a key role in advancing our commitment to excellence in medical education. In this vital role, youll... ...management. Excellent data collection/entry, data reconciliation, data analysis and data...
...ORTHOPEDIC SURGEON San Francisco Bay Area Contra Costa Regional Medical Center (CCRMC) is seeking a BC/BE Orthopedic Surgeon with interest in full-time general orthopedics and fracture care. The successful candidate will share the mission of CCRMC in providing...
...detail-oriented, supporting both brick-and-mortar stores and online sales channels. Role Overview: The Data Entry / Report Specialist will support retail operations, customer service, and reporting. This is a temporary-to-permanent position filling in for an...
...leading ambulatory infusion center in Ohio, Kentucky, and New York is offering an exciting opportunity for a Board-Certified Nurse Practitioner for our state-of-the-art facilities in Columbus, Ohio and the surrounding area. The nurse practitioner will be responsible for...