Cyber Governance and Risk Advisor II

Job Summary

Assist the Cyber Governance Manager (“Manager”) with the execution of the NIST Cybersecurity Framework for risk management through the identification, assessment, maturity measurement, monitoring, and management of cyber risk across Securus and its subsidiaries. The role is responsible for the Cybersecurity program governance activities, including security requirements management, risk assessments, training and awareness, policy and standards management, and KPI/metrics reporting.


Job Description

Be a champion for the CyberSTARR (Cyber Security Technology Assessment Risk Reduction) program.

Design cybersecurity requirements for adoption by the EPMO during planning, functional, technical requirement phase, user story creation, grooming, and design.

Lead and assist Business and IT teams with designing the environment to conform to the Securus Cybersecurity NIST CSF.
Conduct information systems, process, and vendor risk assessments using the NIST CSF.

Conduct the 2nd line of defense security assessment, identify trends, and generate executive level and actionable reports on findings.

Lead efforts in identifying, managing, configuring, and monitoring vulnerability/penetration assessment tests and the Plan of Action & Milestones.

Implement key performance indicators and metrics across the Cybersecurity program.

Promote and facilitate cyber risk and security awareness, phishing campaigns, security newsletter publications, and training programs.

Work with the Sales Team to analyze security questionnaires and provide a timely response to all RFPs.

Manage vendor relationships and maintain an IT Vendor Management Office by ensuring core security requirements and thresholds are baked into all contracts.

Conduct periodic security reviews and monitoring of vendors and outsourced activities to ensure contractual commitments are met consistently.

Create a detailed security assessment/characterization playbook for all technology acquisitions. Provide security advice to all teams engaged in the integration.

Serve as primary liaison between the Cybersecurity team and Business Stakeholders.

Work closely with leaders across functional areas to ensure security standards, policies, and procedures are deeply embedded and understood.

Knowledge, Skills, and Abilities:

Prioritize work activities and use time efficiently, work with urgent deadlines.

Flexibility and adaptability in work approach.

Excellent influencing and problem resolution skills.

Must have very strong organizational skills.

Excellent communication skills with the ability to express technical concepts effectively, both verbally and in writing.

Advanced Microsoft Office skills – PowerPoint, Excel, Outlook, and Word.

Strong subject matter expertise in risk management and governance, risk, and compliance (GRC).

Excellent problem solving, analytical, critical thinking, decision-making, communication, organization, task and time management skills.

Ability to manage multiple, concurrent projects.

Prioritize tasks, work independently, and meet deadlines with minimal supervision.

Proficient with Microsoft Office Suite.

Knowledge and experience with various standards (NIST CSF, PCI-DSS, SOX, FISMA, HIPAA, etc.).

Experience with risk-centric standards/frameworks.

Working knowledge of network infrastructure and security monitoring tools.

Minimum Qualifications:

7+ years’ experience in Information Technology; 7+ in an Information Security role.

Information Security certification required. Security certifications may include, but are not limited to, CISSP, CISA, CISM, GSEC, Security+, and CEH.

Experience with threat assessment, vulnerability analysis, risk assessment, information gathering, correlating, and reporting.

Preferred Qualifications:

9+ years’ experience in Information Technology; 9+ in an Information Security role.

Experience / Certification in project management.
Industry standard Information Security Management Certification; i.e. CISSP, CISM
 

Physical Requirements:

Standing, sitting, walking, speaking, listening, bending, reaching, pushing, pulling, lifting, grasping and manipulating tools, typing, using peripheral computer tools.  May be required to lift up to 25 pounds.

 



More Info:
https://internal-securustech.icims.com/jobs/2266/cyber-governance-and-risk-advisor-ii/job



Posted:  
2/11/2019




Disclaimer: ISACA-North Texas Chapter is not responsible for, nor specifically endorses the information contained within the attachment or the advertiser’s web site.

 

Company:

Securus Technologies

Location:
4000 International Pky Carrollton, Texas

Career Level:
Non-Management

Job Category:
Permanent

Pay Rate:
Salary

Job Code:
2019-2266

Expiration Date:

2/28/2019




©ISACA North Texas Chapter 

P.O. Box 25026

Dallas, TX 75225-1026
