Description
Summary- Assist the Information Security and Compliance group with the following Assessments for specific projects and 3rd party vendors: Critical Risk Assessments, High Level Risk Assessments and Privacy Impact Assessments.
- Develop risk reduction action plan to close gaps identified in risk assessments sessions.
Skills and Experience
- 15-20 years IS Security, Governance and Risk experience
- Experience in IT Operations, Systems Engineering & Leadership
- Good Insight into Business Impact of IT Initiatives
- Subject Matter expertise in diverse compliance and regulatory requirements including Privacy, SSAE16, SOX compliance models
- Expert knowledge in understanding of Security and Risk Standards including NIST, ITIL, COBIT, ISO
- Experience establishing partnerships with project team and aligning Security Strategies that support the business objectives
- At least one of the following certifications: CISM, CISA, CISSP, or CGEIT