Role: Security Risk Assessment Specialist
Location: Canton MA (100% Remote)
Duration: Long Term
Description:
Duties and Responsibilities
- Providing advanced information security consultation for all aspects of information security compliance policy risk management and remediation
- Identifying process improvements and developing plans to meet or exceed security best practices
- Ensure the confidentiality integrity and availability of the information residing on or transmitted to/from/through the enterprises devices servers and other systems and data repositories.
- Conduct risk assessments on various applications systems infrastructure cloudenvironments and thirdparty arrangements. Document identified risk through a risk report to be effectively communicated shared with business and/or technical leadership
- Confidently represent the Cyber & Information Security risk assessment services function with reviewing and assessing contracts application designs integration plans etc.
- Create documentation in support of the risk assessment services team
Minimum Requirements:
- 10 Years experience with security risk assessment analysis and proposals to stakeholders
- 10 Years experience in at least 4 of these and similar disciplines: IT governance and operations; access control analysis; incident response; data analysis and auditing controls; data protection; advance threat protection; identity and access management; integrated technologies with crossfunctional impact
Desired Skills and Experience:
- Broad knowledge of commonly used information security concepts best practices and standards
- Selfdirected; expected to identify and lead efforts to correct security controls and/or process improvements
- Experience with at least 4 of these and similar disciplines: IT governance and operations; access control analysis; incident response; data analysis and auditing controls; data protection; advance threat protection; identity and access management; integrated technologies with crossfunctional impact
- Strong collaboration facilitation and negotiation skills.
- Strong communication skills both written and verbal.
- Ability to explain complex technical issues to nontechnical colleagues and business executives
- Ability to troubleshoot and independently solve problems as they arise
- Familiarity with HIPAA Security Rule and other regulatory requirements
- Proven analytical and problemsolving abilities
- Project and program management planning and organizational skills
- Customer service focused
- Time management and prioritization