Job Description
Responsibilities
Technology Security Reviews
• Work collaboratively with key business stakeholders and internal IT contacts to conduct reviews and risk assessments of new technologies being considered for use. Formally document these architectures, delving deep into how the data is processed throughout its lifecycle, and clearly document security controls to protect that data.
• Document risk assessments such that they can be easily understood by stakeholders, and include actionable risk treatment recommendations/security requirements for implementation.
• Act as a resource to the Project Management Office and other business stakeholders throughout their deployment lifecycle so that the recommended controls are implemented and tested properly.
Client Assessment Response
• As assigned, using a defined process and existing artifacts, take end to end ownership of responding to incoming client security assessments & audits, RFPs, and Outside Counsel Guideline review.
• Take first pass at completing lengthy client assessment questionnaires (100-200 questions on average) using a standard answer and evidence bank that ensures a consistent response across our client base.
• Recognize when banked answers need to be updated based on our evolving security program and recommend new language or approaches to questions as appropriate.
• Take professional pride in the quality of your response, ensuring that answers are accurate and complete; and work with the Senior Governance Risk and Compliance Analyst to validate answers before formally submitting back to the client.
Incident Response / Security Operations
• Monitor security events and alerts using security information and event management (SIEM) tools. Investigate and analyze security incidents to identify root causes and recommend remediation actions.
• Collaborate with cross-functional teams to develop and execute refined incident response playbooks which are streamlined and ensure that any risks are properly managed.
• Stay up-to-date on emerging cybersecurity threats, vulnerabilities, and best practices and scan for these emerging threats in our environment, providing prescriptive guidance to the teams affected.
Qualifications
• Bachelor's degree in Information Systems, Information Security, Risk Management, or a related field (experience may be considered in lieu of a degree).
• At least five years experience in Information Security or similar type role.
• Extremely good written and verbal communication skills, with the ability to produce high quality documentation either during or shortly after meeting with a cross functional group to discuss a technology considered for use by the firm.
• Excellent meeting facilitation and leadership skills necessary to own high visibility security reviews which receive attention from our internal legal team, CIO and other key stakeholders.
• Reasonable understanding of security concepts, such as networking (routing, firewalls, NAT translation, proxies, SASE solutions), authentication, role based access controls, encryption, data governance, etc.
• Very good data analysis skills with prior SIEM or equivalent data reporting technologies (databases, complex Excel spreadsheets). The ability to think critically about how data is structured and what story it tells. The ability to use basic data visualizations to help readers quickly understand any relevant meaning within the data.
• A good understanding of governance frameworks and compliance programs. Able to competently understand all manner of questions that relate to domains covered by ISO 27001, SOC2 and other common frameworks.
• Extreme thoroughness and the ability to be directed on important initiatives, but to work independently to ensure the optimal outcome, reporting back to senior management on important milestones or issues that arise.
The estimated base salary for this position is $160,000 to $175,000 at the time of posting.
💡 Quick Summary
Seeking a career-building opportunity? The Information Security Specialist |Fulltime Remote position is now open for candidates interested in the Work from home Jobs sector. This role in Alturas offers a professional environment and growth potential.
Requirement Snapshot: Candidates should possess basic communication skills, a proactive attitude, and the ability to work in a team. Experience in Work from home Jobs is a plus.
