Description
JOB TITLE: IT Security Risk Assessment
LOCATION: Atlanta, GA
START DATE: May 7, 2012
Job Purpose
Perform IT Risk Assessments for a major enterprise client with data centers located throughout the US.
Responsibilities
Understand and classify IT Risk based on NIST SP800-30 specifications with specific consideration for Internet Service Providers and Telecommunication companies. Interview managers, directors, engineers, and other employees to gather data.
Document findings in a formalized report that will be delivered to executive leadership.
Present findings in a debriefing meeting with management and answer questions on the report.
Must be very strong with Microsoft Powerpoint, Word, and Excel to generate reports and track work progress (required).
Provide weekly status updates and reports to management. Schedule and conduct meetings/interviews with data owners and management to achieve project goals.
Update program recommendations over the course of the engagement as new threat vectors to protection of sensitive data are identified.
Assist with development of an approach to create Heat-Maps that consider enterprise reporting and alignment.
Skills/Qualifications
Experience in conducting IT Risk Assessments for medium or large organizations is required. Certifications or Training in IT Risk Assessments or IT Audits is preferred. Project management experience is a plus. Must be comfortable speaking in meetings, conducting interviews, and working with business leaders on a frequent basis.