Description
Link Technologies is currently looking for a qualified candidate to implement Enterprise Risk Management for a client in Las Vegas NV. This is a long term, over year project. This is a high profile client in the gaming/hospitality industry. If you meet the qualifications below please apply. We are looking forward to speaking with you!
Responsibilities:
Implement IT policy, procedure and risk management best practices within Link Technology. This will require active engagement with a wide variety of stakeholders across Link Technology, including vendors, at all levels from executive to junior members of staff. Cross-functional partnership will be a key part of the role, as well as the management of a distributed team.
Specific aspects of the role:
- Create the vision and strategy for maturing the enterprise security and risk management function
- Set priorities for the function, negotiating across multiple groups as appropriate, and manage through completion
- Maintain and manage the IT Risk/Compliance/Policy/Procedures Register and provide regular executive updates on progress
- Own the risk assessment of existing applications and those under development or being considered for purchase
- Identify risks within enterprise infrastructure and applications; co-develop solutions with teams and management, sponsoring initiatives as needed
- Provide forensic support as needed or appropriate within analysis or investigation efforts
- Develop and implement security and risk policy, and methods for compliance
- Trusted advisor to business leaders on enterprise IT risk, controls and security matters
- Provide specialist advice and/or support as needed to projects, operational activities, incident management and other business priorities
- Participation in industry working groups and technical forums
- Talent management of security/risk professionals - attract & retain high calibre staff, challenge individuals to achieve stretching targets, coach/mentor for personal growth
- Create the team culture for flexible and pragmatic approaches to implement business solutions
- Maintain currency with emerging technologies, best practices and lessons learned from any breach/failure incidents
- Produce regular reporting on progress against objectives, and use appropriate communication methods for diverse stakeholders
Qualifications:
- Bachelor's Degree in Computer Science, Software Engineering or similar Engineering Discipline
- 8+ years of experience in information security, IT risk management and controls
- Experience with fundamental Internet protocols: TCP/IP, SSL/TLS, HTTP, FTP, DNS, etc.
- Programming experience - one or more of: C, C++, Java, .NET/C#, Perl, PHP, Python, Flash/Flex
- Internet technologies and use cases, eg, E-commerce, online marketing/advertising, digital media, video streaming, content management/publishing systems, analytics and security
- 3+ years of hands-on experience as a security practitioner, implementing a variety of solutions
- 3+ years of managing a team of security professionals
Desired Qualifications & Experience
- Recent experience of implementing security products and solutions; familiarity with security vendors, solutions and techniques
- Demonstrable knowledge of enterprise IT risks - threat tactics, techniques, and procedures - to include defense against mass and targeted cyber attacks
- Application of relevant techniques and tools, eg, network and application penetration tests
- Implementation of IT controls to meet business, security or regulatory standards (eg, SOX, PCI), and author of related policy documents based on standard frameworks (eg, COBIT, ISO27001)
- Design and implementation of appropriate protection/detection solutions and verification of efficacy of controls
- Ability to convey risks and proposed mitigation strategies to technical and business audiences
- Able to broker agreement among stakeholders with different viewpoints and priorities
- Familiarity with common enterprise and cloud applications, eg, SAP, Oracle EBS, Salesforce.com
- Published author/blogger on security and IT risk
- Industry certification in security (eg, CISSP) and IT controls (eg, CISA) CGEIT, CRISC
- Project, budget and vendor management
- Experience within a high-tech and/or information-intensive environment
- Prior gaming/hospitality experience a plus