Cyber Risk Security Engineer/GRC
Posted on Mar 3, 2020 by Request Technology - Craig Johnson
*Position is bonus eligible*
Prestigious Enterprise Company is currently seeking a Cyber Risk Security Engineer with strong GRC experience. Candidate will be responsible for conducting relevant in-depth research, performing assessments, and creating reports for supervisor review.
- Assist with the maintenance of the Cyber Risk Assurance Program.
- Perform testing of Cyber Security processes and controls operating effectiveness and for regulatory compliance to applicable regulations.
- Assist with the creation and maintenance of core service documentation.
- Perform and own individual project tasks within a Cyber Risk Management Program.
- Measure and report on Cyber Risk Management to the Cyber Risk Assurance Manager.
- Communicate regularly and clearly to a wide variety of technical and non-technical audiences.
- Take feedback and apply lessons learned.
- Work within a teaming environment to resolve disputes.
- Set professional goals and meet performance requirements.
- 4+ years of experience in Cyber Risk Management, IT Risk Management, Information Security or related Audit function.
- Bachelor's degree in Computer Science, Information Systems, Business Administration, Mathematics, Science, Technology, Engineering or other professional field of study.
- Must have or currently in the process of obtaining an industry recognized Information Security certification such as Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRIS), Certified Information Systems Auditor (CISA) certifications, or other related certifications.
- Demonstrates knowledge of Cyber Security, Data Protection, IT Risk or IT Audit/Compliance.
- Knowledge of industry standards/regulations (NIST, PCI-DSS, HIPAA, GDPR, NAIC, etc.) preferred.
- Experience of conducting independent risk assessments, business process or IT control auditing.
- Experience of testing cyber, IT or Information Security controls.
- Proven experience of execution of projects in cyber security, risk management, compliance, IT audit or IT risk management.
- Excellent communication and organization skills.
- Aptitude and capability for conducting quantitative and qualitative analyses of large, complex IT systems and Business Processes.
- Thorough proficiency of MS Office Word, Excel & PowerPoint and generally highly IT proficient.