Overview
Remote
Depends on Experience
Accepts corp to corp applications
Contract - W2
Contract - Independent
Contract - 12 Month(s)
No Travel Required
Able to Provide Sponsorship
Skills
5+ years of direct experience in a cybersecurity focused analyst or architect role.
Job Details
- Support the planning, execution, and delivery of newly established security, risk, and compliance-related projects across the BU.
- Work as a member of the cyber risk management team supporting an engineering BU.
- Supporting Risk Management Lead as a SME to establish and deploy new risk management processes and capabilities. Helping to establish, manage, and mature the Risk Register supporting a network devices group for product security.
- Identify and assess potential risks across the organization and assess their likelihood and impact by completing comprehensive risk assessments.
- Develop and recommend strategies to mitigate identified risks, providing clear guidance and support to risk owners throughout the process.
- Communicate risk assessments and recommendations clearly to stakeholders and develop metrics to track risk status and effectiveness of mitigation efforts.
- Support the implementation and maintenance of governance frameworks and help ensure adherence to regulatory standards.
- Help support response activities related to security incidents or risk escalations when appropriate.
- Qualifications:
- Bachelor degree in Information Security, Computer Science, Business, or a related field.
- 10+ years of experience supporting IT, security, or risk-related projects, with a focus on cybersecurity, risk management, or compliance.
- 5+ years of direct experience in a cybersecurity focused analyst or architect role.
- Good to moderate understanding of computer networking concepts (e.g., TCP/IP, Routing, DNS, firewalls, VPNs).
- Good understanding of security threats, weaknesses, and vulnerabilities necessary; and as related to IoT and network devices a strong plus.
- Functional familiarity with CVE and CWE scoring systems.
- Good knowledge of SDLC process/practices and the application of product security activities.
- Good knowledge of hacking lifecycles, MITRE ATT&CK framework, and common threat models.
- Security audit, compliance and certification knowledge/experience.
- ServiceNow knowledge/experience, and aspects of vulnerability testing knowledge/experience a strong plus.
- Experience with approaches to applying risk scoring a plus.
- Moderate scripting skills a plus.
- Strong working knowledge of security frameworks and regulatory requirements
- Exceptional organizational, communication, and collaboration skills.
- Ability to work in a fast-paced, cross-functional environment and prioritize tasks effectively.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.