Cyber Security Risk and Compliance – C2C – Mount Laurel, NJ (Hybrid)

Contract

Hi,

What are the top skills required for this role?
1. Primary mandate skill required – Cyber Security Risk and compliance
2. Secondary mandate skill required – Vulnerability Management

Additional Information:

Strong interpersonal skills and ability to work cross-functionally. Excellent analytical and problem-solving skills. Strong communal working style, with the ability to work effectively both as part of a global team and independently. Active listening skills, with effective verbal and written communication with stakeholders at different levels in the organization. External certification will be an added advantage.

Job Description/ Responsibilities

Responsibilities
• Work closely with the Security/CISO team to assess, design, document, and guide security services towers. Implement, manage, and govern security processes, procedures and standards to ensure Managed Security Services comply with the pre-defined cyber-security policies.
• Implement security controls, a risk assessment framework, and a program that align to regulatory requirements, ensuring documented and sustainable compliance that aligns with and advances business objectives.
• Implement processes, such as GRC (governance, risk and compliance), to automate and continuously monitor information security controls, exceptions, risks, and testing. Develop reporting metrics, dashboards, and evidence artifacts.
• Define and document business process responsibilities and ownership of the controls in the GRC tool. Schedule regular assessments and testing of the effectiveness and efficiency of controls, and create GRC reports.
Technical Competencies
• Working knowledge of ISO 27001.
• Understanding of compliance and regulatory requirements such as PCI, NIST, HIPAA.
• Experience with Information Security Policy lifecycle management, such as defining, reviewing, and updating security policies based on the ISO 27001/NIST frameworks.
• Experience in defining security processes, procedures and security standards based on ISO 27001/NIST.
• Knowledge of IT security control operations.
Behavioral Competencies
• Ability to work at program management level and to drive and guide the implementation of security controls in multiple tracks.
• Experienced in interacting with multiple stakeholders such as the client’s CISO team, Internal Audit and technical teams.
• Positive attitude in educating non-security-experienced personnel.
• Continuously refreshing technical skills and knowledge.
• Be the first technical point of contact for VM services
• Participate in daily/weekly status meetings with the VM Team
• Participate in Agile meetings and follow agile methodology to report work & progress.
• Perform VM Strategic Program management activities as below but not limited to:
o Develop vulnerability management strategic roadmap and execution plans.
o Develop VM processes, guidelines, standards and metrics.
o Document VM processes, guidelines, standards and metrics.
o Drive process improvements and automation to increase efficiency.
o Develop vulnerability prioritization frameworks, remediation prioritization frameworks.
o Lead remediation tracking meetings and explain vulnerabilities to the customer.
o Participate in incident response meetings (as needed) and define VM strategy to respond to the incident.
• Manage Infra Vulnerability Program.
• Coordinate for remediation of agreed critical vulnerabilities based on service levels.
• Develop vulnerability prioritization frameworks, remediation prioritization frameworks.
• Act as Remediation coordinator for triaging between Infra towers. Analyze the vulnerabilities and provide more details for remediation.
• Perform Vulnerability prioritization and grouping.
• Perform follow-up for reported Vulnerabilities until closure.
• Identify continual improvement program, track, measure and report status.

Regards,
Ajith Maria Alban

To apply for this job email your details to ajith.m@vysystems.com