Info Security Gov & Risk Specialist Position Available In Mecklenburg, North Carolina
Tallo's Job Summary: This job listing in Mecklenburg - NC has been recently added. Tallo will add a summary here for this job shortly.
Job Description
Job Description:
Job Title:
Info Security Gov & Risk Specialist (Hybrid)
Location:
Frisco, Charlotte, Denver, or Iselin Job Overview:
Defines, enhances, and implements information securityconfiguration controls, while ensuring consistent and effectiveinformation security administration procedures and processes.
KeyResponsibilities and Duties:
Review industry configurationsafeguards and monitor compliance for infrastructure assets:databases, workstations, network, middleware, servers, cloudservices, and mobile Partners with multiple business stakeholdersto drive work and monitor through completion Analyze internalinformation security controls and convert control criteria andtheir severity into functional compliance scanning results Createand support program governance documentation such as standardoperating procedures, control assessments and training materialsMonitor industry security updates, technologies and best practicesto improve security management Generate metrics and reports inassigned functional business area to inform decisions on tacticalissues that impact the business Perform QA/QC activities to driveconfiguration management program maturity Support remediationefforts through gap identification and action plan creation tooperationalize scan results Participates in various tool testingand validation efforts for on-prem and cloud scanning
RequiredQualifications:
Bachelor s degree in IT or Cybersecurity Experiencewith developing, customizing, reviewing and updating a wide rangeof enterprise security configuration baselines, with input fromsubject matter experts Experience interpreting and applying CISBenchmarks, DISA STIGs, SRGs, and has an awareness of the NationalVulnerability Database (NVD) and Common Vulnerability Enumeration(CVE) 1 year of direct experience working with teams in an agileand horizontal environment Experience with remediation activitieswithin Cybersecurity Ability to translate the low-level securitybaseline requirements into security baselines Ability to workindependently to anticipate needs, support a changing landscape andwillingness to act with minimal supervision
PreferredQualifications:
Knowledge and understanding of technologyoperations/processes, as well as experience with evaluatingtechnology-related risks and controls Experience in working withthe
NIST 800
Special Publication series and providing guidance forrisk management and security control implementation, including800-53 and others. Experience with one or more of the followingtechnologies: Networking (including CISCO or Palo Alto); OperatingSystems (including Windows Server, RedHat, or Linux); CloudServices (including GCP, AWS, and Azure) Ability to apply atechnical skill set to research and document industry knowledge andbest practices with established or newly released applicablesecurity controls Written and verbal communication skills:articulate and effective communicator and presenter, able todescribe complex problems in both technical and business termsDemonstrated experience learning new technologies Experience withan Agile methodology Knowledge of ServiceNow and Archer
