Overview
On Site
Full Time
Skills
Exceed
Documentation
IT Risk
IT Risk Management
Reporting
Information Security Management
Management
Research
Risk Management
IT Audit
Computer Science
CISSP
Information Security
CISM
CISA
Information Systems
ISACA
Auditing
System On A Chip
ISO 9000
Sarbanes-Oxley
PCI DSS
Privacy
Cyber Security
Information Technology
IT Service Management
Innovation
Collaboration
Recruiting
Insurance
Finance
Professional Development
Training
Leadership
CompTIA
Customer Service
Career Counseling
Oracle Application Express
Apex
Job Details
Job#: 3014755
Job Description:
How You Will Make a Difference:
1. Collaborate with information technology and other business unit personnel to identify cybersecurity risks associated with highly complex projects and other business initiatives.
2. Perform assessments of external party information security controls to ensure they meet or exceed VF's information security risk management requirements for the services to be provided.
3. Determine information security risk profiles for various vendor and business partner services using questionnaires, relevant industry best practices and standards, and knowledge of VF policies.
4. Recommend solutions to eliminate, reduce, or mitigate cybersecurity risk, and communicate said solutions to external parties and/or internal business stakeholders as appropriate.
5. Provide direction and guidance as needed to internal project stakeholders concerning statutory, regulatory, and VF policy and program requirements.
6. Record pertinent documentation and communications for all assessments in VF's online information technology risk management platform.
7. Report status of engagements to Global Cyber and Information Security management, project managers, and other business stakeholders as appropriate.
Sensitivity: Public
POSITION DESCRIPTION
Years of Related Professional Experience: 5+ years
Educational/ Position Requirements:
5+ years of information security risk management and/or IT audit experience, preferably in a large corporate enterprise.
Bachelor's degree in information systems, computer science, or related field preferred.
Certified Information Systems Security Professional (CISSP) preferred. Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar credentials considered.
Functional knowledge of industry frameworks, regulations, legislation, and audit methodologies, including SOC 1, SOC 2, ISO 27000, SIG, CAIQ, NIST Cybersecurity Framework, Sarbanes-Oxley (SOX), PCI-DSS, GDPR, and various federal and state privacy laws.
Ability to broker complex discussions to achieve the proper balance between business needs and cybersecurity best practices.
Ability to influence others through persuasion to arrive at desired outcomes.
Ability to communicate effectively with a broad range of people and roles, including vendors, information technology professionals, and other business personnel.
Ability and desire to seize the initiative, work proactively, and perform assigned duties in a highly independent manner.
Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click for more details.
Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide.
Job Description:
How You Will Make a Difference:
1. Collaborate with information technology and other business unit personnel to identify cybersecurity risks associated with highly complex projects and other business initiatives.
2. Perform assessments of external party information security controls to ensure they meet or exceed VF's information security risk management requirements for the services to be provided.
3. Determine information security risk profiles for various vendor and business partner services using questionnaires, relevant industry best practices and standards, and knowledge of VF policies.
4. Recommend solutions to eliminate, reduce, or mitigate cybersecurity risk, and communicate said solutions to external parties and/or internal business stakeholders as appropriate.
5. Provide direction and guidance as needed to internal project stakeholders concerning statutory, regulatory, and VF policy and program requirements.
6. Record pertinent documentation and communications for all assessments in VF's online information technology risk management platform.
7. Report status of engagements to Global Cyber and Information Security management, project managers, and other business stakeholders as appropriate.
Sensitivity: Public
POSITION DESCRIPTION
- Assist in enforcing information security policies, standards, and procedures. Review requests for exceptions to security policies and provide recommendations to management.
- Research and advocate new technologies, architectures, and products that will support security requirements for the enterprise and its customers, business partners, and vendors.
- Provide cybersecurity risk management and process execution guidance to junior team members.
- Perform other information security risk management tasks as assigned.
Years of Related Professional Experience: 5+ years
Educational/ Position Requirements:
5+ years of information security risk management and/or IT audit experience, preferably in a large corporate enterprise.
Bachelor's degree in information systems, computer science, or related field preferred.
Certified Information Systems Security Professional (CISSP) preferred. Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) or similar credentials considered.
Functional knowledge of industry frameworks, regulations, legislation, and audit methodologies, including SOC 1, SOC 2, ISO 27000, SIG, CAIQ, NIST Cybersecurity Framework, Sarbanes-Oxley (SOX), PCI-DSS, GDPR, and various federal and state privacy laws.
Ability to broker complex discussions to achieve the proper balance between business needs and cybersecurity best practices.
Ability to influence others through persuasion to arrive at desired outcomes.
Ability to communicate effectively with a broad range of people and roles, including vendors, information technology professionals, and other business personnel.
Ability and desire to seize the initiative, work proactively, and perform assigned duties in a highly independent manner.
Apex Systems is a world-class IT services company that serves thousands of clients across the globe. When you join Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRated's Best of Staffing in Talent Satisfaction in the United States and Great Place to Work in the United Kingdom and Mexico. Apex uses a virtual recruiter as part of the application process. Click for more details.
Apex Benefits Overview: Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our 'Welcome Packet' as well, which an Apex team member can provide.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.