This Job Vacancy has Expired!

Security Policy Engineer

Posted on Nov 14, 2018 by Request Technology

Chicago, IL 60601
Information Technology
Immediate Start
Annual Salary
A prestigious company is in need of a Security Policy Engineer. This engineer will serve on the Governance, Risk compliance team and will act as an information security expert to consult with technical and non-technical management. This individual will perform key functions of risk management like life cycle management of client responses, Vendor risk program management, and GRC platform and program management.
  • Serve as a subject matter expert for Information Security, consulting to technical management (serving on project teams, discussing application and systems architectures, etc), non-technical management (educating the user community on information security) and attorneys (eg litigation-related technical education) as necessary.
  • Manage and support GRC technology and Security Governance solutions. Create and maintain system, procedural and support documentation.
  • Manage and support the 3rd Party Security Vendor Risk Management program and life cycle. Document and perform Risk assessments as well.
  • Vulnerability Management: collect information on emerging threats including software vulnerabilities. Coordinate triage of and response to vulnerability information. Disseminate this information regularly to firm staff and management as appropriate.
  • Security Awareness: assist in coordination of the program, including development of awareness content, scheduling of awareness activities and measuring progress of the program.

Relevant Training and Certifications:

  • Certified Information Systems Security Professional (CISSP)
  • Certified Information Security Auditor (CISA)
  • Certified Information Security Manager (CISM)
  • GRC tool management: Administration, Engineering or both

Position Skills

  • Ability to facilitate project and vendor risk assessments with relative independence and provide guidance on secure design and operation.
  • Demonstrate ability to create and maintain security policy, standard, guideline and procedure documents.
  • Strong knowledge on Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG
  • Experience (Administration or Engineering) in GRC platforms

Core Security Technologies

  • Strong knowledge and use of GRC platforms.
  • Knowledge of host and network-based anti-malware technologies.
  • Knowledge of security event management (SIEM), event correlation and analysis technologies.
  • Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities.
  • Knowledge of web filtering and email SPAM prevention techniques.
  • Knowledge of vulnerability assessment and forensic investigations tools.
  • Knowledge of mobile device security and Mobile Device Management solutions

Reference: 568863661

Similar Jobs

Security Policy Engineer

Chicago, IL

Request Technology

Security Policy Engineer

Chicago, IL

Request Technology - Anthony Honquest

Technical Security Policy Engineer

Chicago, IL

Request Technology - Kyle Honn