Digital Security Risk Consultant

Boston, MA

Post Date: 04/13/2017 Job ID: 2521263 Industry: Risk Assessment Specialist

Works collaboratively as part of an agile development team, on highly visible, divisional/cross-divisional complex projects Sought as a key resource for resolution of unique or complex business problems Drives continuous improvement and efficiencies beyond own scope of responsibility Participate in various forums, to ensure appropriate identification of information risk and drive definition, design and implementation of control procedures to mitigate that risk Utilize effective organizational influence / conflict resolution, verbal and written communication, and leadership skills to communicate a risk based approach to security and control design in line with business goals and visionQUALIFICATIONSBasic Job Qualifications: Minimum of 5 years of progressive experience in Information Security Risk and Controls definition and design. This role requires at least one information security, compliance, regulatory or related domain certification (CISSP, CEH, CRISC, CISA, CISM, etc.)

BS in Computer Science or a related field is required Proven expertise in mitigating and addressing threat vectors including Dev Ops, Secure Coding (OWASP), and Information Assurance across private, public and hybrid cloud environments, including experience with technologies such as Jenkins, code repositories, chef/puppet 3+ years experience and proven competency with regulatory mandates such as GLBA, HIPAA, PCI and SOX Proven competency with risk management frameworks such as ISO 27001, NIST and Cobit Authorized to work in the US without sponsorshipPreferred Job Qualifications: Lead security & control assessments on applications, APIs and platforms Help ensure designs and implementations meet security best practice and defined standards Build and tune processes and procedures to scale security assessment for faster feedback to the team. Facilitate the definition, design and implementation of security and control solutions and procedures and automate where possible Communicate technology related policies and standards and how they should be applied within the Digital Business units to ensure risk is managed to an acceptable level and compliance achieved where it represents a significant risk to the business Collaborate with Architecture resources to proactively identify potential risk exposures within new digital technology solutions and partner with application development teams and core information risk services groups to design and implement appropriate control solutions and procedures to mitigate risk / exposure Serve as a Risk and Security Controls Consultant on projects, RFP s & internal/external requests for security specific information Take a lead role in conducting security research on threats and remediation techniques/ technology, make recommendations to the IS/IT teams and oversee implementation Previous/current experience in a highly-regulated industry, or in banking or financial services, is strongly preferred Understanding of technologies used to collect, share, access and use personal information. This includes an understanding of identity verification, encryption and secure coding practices

Not ready to apply?

Send an email reminder to:

Share This Job:

Related Jobs: