Must Have Skills:
10+ years of professional experience working in sole contributor security roles (operational, consulting and/or compliance)
3+ years assessing SaaS solutions
3+ years deploying, designing, or assessing solutions in AWS or Azure.
Experience executing information or IT risk assessments using common industry techniques and standards (e.g. CSAs CCM, NIST standards, etc.) – come out of compliance to an operational security role or become an assessor. Someone higher level and is the “big picture” person.
Experience running meetings while maintaining meeting minutes
Extensive experience deploying or assessing complex Cloud solutions
Mature threat and vulnerability identification skills with the ability to determine most likely threat by interest, capability and access
Mature risk rating experience with the ability to recognize the risk given all relevant mitigating controls not just compute based on gap against industry best practice.
Nice to Have Skills:
Systems Administration experience
Security test development
Bachelors in Computer Science
CCSP or CCSK*
Experience using Microsoft Office Suite for documentation and reporting objectives (Access, specifically)
Self-starter with strong ability to work independently while maintaining effective communication to their leadership
Highly motivated, self-directed and possessing solid execution skills.
Demonstrates critical thought and probes beyond the surface of the requested data to get at the valuable (actionable) information.
Able to understand complex concepts quickly.
Detail oriented, but understands broader impacts of requests.
Adjusts quickly to changing priorities as necessary. Manages multiple tasks and deliverables simultaneously and in an organized and results-oriented manner.
Strives to proactively identify and address areas where business process efficiency and effectiveness improvements would make a positive impact on the top and bottom lines.
Possesses a strong analytical, quantitative and objective outlook.
Excellent people skills are also necessary since this position interacts with all levels of resources across the entire organization.
A typical day could involve attending or hosting status meetings to review progress on delivery against security objectives, reviewing business requirements and solution proposals to propose security requirements, reviewing designs, producing assessment report and discussing findings with leaders from front line to executive or solving other assorted information security challenges.
Conduct business process reviews to understand current state business processes and how underlying applications support and enable these processes.
Collaborate with business partners and stakeholders to identify and define high level and detailed security requirements.
Review technical designs and solution proposals to propose or help identify viable, practical and cost effective solutions to security problems
Demonstrate success in facilitating discussions with functional areas of the organization.
Prepare gap, threat, and impact analysis documentation.
Partner with testing resources to identify testing requirements.
Proactively identify opportunities to utilize current or innovative technical solutions to improve business processes and/or products that provide additional revenue, cost savings or efficiency gains.
The majority of their interactions will be with business analysts, development managers, project managers, business unit team member and other groups in IT and IS and their associated vendor partners as well as other assessment teams involved in risk management across the bank.
|Application Deadline||September 9, 2017|
|Experience Required||10+ years|
|Job Duration||6 months|