Location: Remote
Department: Azzur IT, LLC
Duties and Responsibilities include, but are not limited to, the following:
Apply Now
Department: Azzur IT, LLC
Job Description
Duties and Responsibilities include, but are not limited to, the following:
- Defines, documents, reports and tracks technology risk across IOPS
- Reviews technology controls across IOPS to identify potential vulnerabilities and weaknesses
- Works across the IT Team to help identify technology risks and mitigation initiatives for existing technologies and systems
- Conducts risk assessments for all new technology projects, applications and services, identifying risks and agreeing mitigation actions
- Monitors and tracks identified risks and mitigation actions
- Verification/auditing of controls and risk/control indicators
- Helps mitigate key risks by identifying and recommending changes to policies and procedures
- Maintains awareness of emerging security risks and trends and raises awareness of risks where appropriate
- Supports Regulatory and Internal audits related to Technology Risk and Information Security
- Works across IT to ensure security best practices are identified and integrated into all facets of projects including designs/configuration, and implementations
- Assists in documenting standards, processes, and procedures for security incident response
- Security awareness – tracking cyber security behavior of individuals and teams within IOPS during Phishing scenarios sent out to us by Corporate Information Security and communicating out to IOPS on Cyber/Information Security related themes throughout the year.
Education and Experience:
- Requires BS/BA in Information Technology or related field with 3-5 years’ Risk or Security experience or equivalent combination of education and experience.
- Experience of a regulatory environment, information security best practices (ISO 27001:2013, NIST Cyber Security framework etc.)
Knowledge, Skills & Abilities:
- Proven track record in technology risk identification and management
- Knowledge and experience of the wider and emerging technology space, such as infrastructure, database, networks, mobile device management and cloud technologies
- Experience of information risk governance and an understanding of risk analysis, management techniques and methodologies
- Strong analytical skills with the capability to assess the information provided, and provide clear and appropriate direction
Apply Now