Information Security Risk Officer

Information Security, Risk Management, Governance, Compliance, CISM Certification
Contract W2, C2H W2, 6 Months
Depends On Experience
Telecommuting not available Travel not required

Job Description

• Identify, assess, manage, and monitor information risk in adherence to Information Risk Management Policies, Standards, and SOPs 
• Capture identified information risks in the approved risk register
• Ensure appropriate evidence is included in the risk record before submitting for closure 
• Serve in a liaison role between the Global Cyber Security and Fraud teams and Business Segments, to arrive at an achievable mitigation strategy
• Work with Business Segments to review and assess risks by providing guidance for risk related activities; ensuring compensating controls exist and align to applicable standards
• Leverage subject matter experts to discuss cyber security topics and trends to assist in developing accurate risk assessments
• Provide security guidance during joint ventures, acquisitions and integrations 
• Assess application risk through a formal certification and authorization process prior to Go-Live
• Attend the weekly Security Risk Committee meeting and when necessary present information risks, with representation from the Business Segments, to arrive at an appropriate remediation plan
• Aggregate monthly information risk reporting and trends for Senior Management through the monthly Information Risk Governance Committee
• Manage Internal Audits of GCSF and Global Cyber Security Services by providing guidance in preparation for upcoming audits
• Ensure GCSF and GCSS teams provide timely and accurate responses to Internal Audit documentation requests and oversee the timely closure of findings

Candidate Requirements
• 7+ years of experience working in information security and/or other risk management related fields
• Bachelor’s degree 
• Ability to handle moderate to complex resolution without escalation with minimal supervision 
• Capable of working with all levels of management within the organization
• MS applications (Excel, Word, Powerpoint)
• Certified Information Security Manager (CISM) or comparable security certification a plus
• Audit experience a plus
• Ability to work independently
• Experience working in an Enterprise Risk, Governance and Compliance (eRGC) tool or enterprise resource planning tool, specifically RSA Archer

 

 

NO THIRD PARTIES, NO SUB-CONTRACTORS, NO CORP to CORP

 

Data Resource Technologies Inc. is an Information Technology Staffing Firm serving the markets of the United States of America; the greatest country in the world. We work with Direct Clients Only and do not participate in multi layer contracts. Earn The Most Possible and put over 60 years of Information Technology Industry experience to work for you today, Call or Apply NOW!!!

Posted By

Jeremy Jensen

12020 Shamrock Plaza, Suite 200 Omaha, NE, 68154

Contact
Dice Id : 10124769
Position Id : GA_RiskOfficer
Have a Job? Post it