Microsoft Security Specialist role at Syntax focused on delivering Microsoft security workshops and advisory engagements. Collaborating on technology implementation while ensuring customer security success.
About the role
- Manager of Security Risk at Grainger overseeing Information Security Risk team and managing security risk programs. Focused on regulatory compliance, leadership, and risk assessment integration.
Responsibilities
- Lead the Information Security Risk team in alignment with security strategy and regulatory or legal obligations.
- Manage and execute the security risk program in collaboration with Information Security teams and stakeholders.
- Management, alignment, mapping, continuous improvement of internal security controls framework and control owner relationships in conjunction with the compliance team.
- Integration expertise of vendor risk reviews, control exceptions, risk assessments, or security control requirement services.
- Subject Matter Expert to stakeholders and team in relation to the spirit of controls, associated security framework or regulation, and alignment to information security.
- Ensuring hiring, training, staff development, performance management and annual performance reviews are aligned and effectively executed to continue to grow skills and capabilities in accordance with Grainger’s strategic needs.
- Monitor external developments that may impact overall risk profiles, including emerging threats, technological developments, regulatory changes, etc.
- Manage the intake of third parties through the risk evaluation process to determine risk levels and priorities of vendors and mitigating any residual risks and/or risk acceptances.
- Report key operational, and program metrics designed to provide transparency of key attributes such as compliance readiness, security framework alignment, program maturity and operations.
Requirements
- Experience in managing regulatory, legal, and/or Information Security frameworks and obligations.
- Comprehensive understanding of the spirit behind controls and their respective frameworks, regulations, or laws.
- Experience in working with control owners to establish accountability, awareness, rationale, and relevance.
- Previous Risk Management experience preferred, with an emphasis on alignment to corporate risk appetite within the Cybersecurity discipline.
- One or more years of IT people management experience, preferably in Information Security.
- Written and verbal communication skills.
- Ability to communicate information security and risk-related concepts to technical and non-technical audiences at various hierarchical levels.
- Knowledge of common information security management frameworks, such as ISO/IEC 27001, ITIL, COBIT as well as those from NIST, including 800-53 and Cybersecurity Framework.
- Skills in financial/budget management, scheduling and resource management.
Benefits
- Medical, dental, vision, and life insurance plans with coverage starting on day one of employment and 6 free sessions each year with a licensed therapist to support your emotional wellbeing.
- 18 paid time off (PTO) days annually for full-time employees (accrual prorated based on employment start date) and 6 company holidays per year.
- 6% company contribution to a 401(k) Retirement Savings Plan each pay period, no employee contribution required.
- Employee discounts, tuition reimbursement, student loan refinancing and free access to financial counseling, education, and tools.
- Maternity support programs, nursing benefits, and up to 14 weeks paid leave for birth parents and up to 4 weeks paid leave for non-birth parents.
Job title
Job type
Experience level
Salary
Degree requirement
Tech skills
Location requirements
Cybersecurity Specialist developing IT resilience and disaster recovery concepts for a global scale in secure IT services. Collaborating across borders in shaping organizational security standards.
Senior Cybersecurity Scrum Master focusing on release management at AT&T, collaborating across teams and managing production change requests with an Agile mindset.
BISO responsible for planning and executing enterprise - wide information security initiatives at Elsevier. Driving cybersecurity awareness and managing technical risk assessments for organizational improvements.
Develop innovative Cloud architectures on Microsoft Azure platforms. Secure cloud infrastructure and applications against various threats while working in a project team.
Analista Pleno de Segurança Patrimonial na Hershey Brasil, responsável por suporte de segurança física e gestão de serviços de segurança. Atuará em conformidade e gestão de crise em São Roque.
Senior Security Architect managing security architecture for Fitch Group. Leading design and implementation of control sets for emerging technologies.
Regional Information Security Officer managing security protocols and compliance for KARL STORZ. Leading local ISOs and enhancing information security measures across subsidiaries.
CISO managing information security and privacy governance at Puzzel, a leading cloud - based contact center provider in Europe. Engaging with stakeholders for compliance and risk management.
Manager of IT Support & Endpoint Security overseeing service desk operations and endpoint security strategies. Leading a team to deliver high - quality technical support and manage IT security policies.