Client Advisor for Social Security Scotland, helping people apply for benefits via calls and webchat. Processing applications and managing client information in a supportive role.
About the role
- Senior Manager Information Security driving governance and compliance for identity security platform. Leading risk management initiatives and supporting customer engagement in a hybrid work setup.
Responsibilities
- Serve as the Governance POC both internally and externally. Identify governance or compliance requirements, assess risks, review required forms, and serve as liaison across cross functional teams to help achieve Info Sec objectives.
- Maintain compliance calendar and be accountable for the execution of various compliance assessments throughout the year, including but not limited to ISO 27001, FedRamp, PCI-DSSS, SOC 1, SOC 2.
- Have a working knowledge of the NIST CSF and RMF frameworks
- Support customer requests as they pertain to Compliance queries and to other Information Security questions, with the support of technical Info Sec members
- Develop and update Policies, Standards and Procedures per the organization’s policy framework
- Establish and lead risk management activities, including identification of risk and recommended mitigations; track and manage risks and issues from identification through closure.
- Establish and maintain appropriate metrics that will help measure the GRC posture of the company
- Collaborate with key stakeholders to ensure successful execution of mission and business needs.
- Execute on GRC initiatives as defined within the security roadmap, while working with the broader Information Security team and technology teams
- Conduct risk assessments, compile risk registers, and track risk remediation plans
- Respond to requests from customers for information on our security measures
- Completing vendor security reviews. Optimize and automate security questionnaire process.
- Review security clauses in customer and vendor contracts
- Establish, review, and enhance security training and awareness programs
- Support the business with customer engagements, including attending customer calls and supporting sales teams
Requirements
- Bachelor’s degree with a minimum of 8 years of experience
- Knowledge of risk management processes and requirements, including NIST RMF and NIST 800-53 Rev 5 controls
- Experience managing Agile projects with a focus on duties related to Product Owner
- Experience developing executive level presentations to support
- Governance and broader Information Security updates to appropriate audiences
- Experience assessing project and technical documentation to ensure compliance with established policies, processes, and procedures.
- Requires sufficient technical background to be able to interpret audit and compliance requirements
- Ability to provide excellent written and oral communications by email, presentations, and mobile communication platforms (including: experience facilitating discussions, briefing senior managers, and conducting project meetings).
- Experience supervising or managing an Agile project team.
- Work on multiple projects and tasks concurrently
- Experience defining project scope and objectives, developing detailed work products (schedules, status reports, etc.), conducting project meetings, and owning responsibility for project tracking and analysis.
- Knowledge of local legal and regulatory security requirements including HIPAA, FedRAMP, and GDPR/privacy
- Flexible and collaborative approach to enabling and supporting the business
- Strong stakeholder and relationship management skills
Benefits
- Health insurance
- Retirement plans
- Paid time off
- Flexible work arrangements
- Professional development
Job title
Job type
Experience level
Salary
Not specified
Degree requirement
Location requirements
Information Security Manager at IT - Total protecting critical information and enhancing clients' resilience to cyber threats. Role involves strategy and operations in information security.
Cloud Security Consultant (Jr.) joining NVISO to protect European society from cyber attacks. Working with Azure or Microsoft 365 cloud services focusing on security in a supportive environment.
Security Engineering Advisor partnering with CISO to shape security direction at Montel in Oslo. Managing security execution and supporting cross - functional teams within a growing SaaS environment.
Information Security Lead responsible for governance and risk management at VFX Financial. Overseeing SOC operations and implementing security frameworks and practices for compliance.
Senior Cybersecurity Incident Responder supporting cybersecurity operations of a global pharmaceutical company. Leading security investigations and strengthening incident response capabilities.
Director of Corporate Security & Resilience driving security initiatives and business continuity for OQC in a hybrid role. Leading cross - functional collaboration to manage complex security challenges.
Information Security Specialist ensuring the improvement of Information Security Management at Volkswagen Group. Collaborating on security projects and risk assessments in a dynamic environment.
Senior Technical Advisor guiding conservation efforts and managing island biodiversity in New Zealand. Leading strategic projects to safeguard species and restore ecosystems across the country.
Postdoctoral Research Fellow conducting impactful research in cyber security and cyberpsychology at UQ. Collaborating with industry leaders to contribute to advancements in the field.