Lead Cybersecurity Supplier Chain Assessments Advisor

Location: San Antonio, TX, United States
Date Posted: 08-09-2018

Purpose of Job - Supply Chain Cyber Security Assessments

Evaluates, designs, monitors, administers and/or implements Information Security systems, policies and processes focusing on mitigating, reporting and analysis of Information Security risk. Resolves issues and navigates obstacles to deliver work product. 

Job Requirements

  • Provides advice, guidance and assistance to managers and other users on technical issues focusing on Information Security risk and supports the development projects, departmental initiatives and other special projects. Assists in the determination of requirements and recommends system security configurations.
  • Supports the lines of business and staff agencies with Information Security issues and communicates changes and trends in the Information Security standards and regulations.
  • Responsible for the implementation and interpretation of Information Security policies, guidelines and standards including the Information Security awareness program.
  • Supports cross functional teams through the problem resolution process, ensures necessary technology security controls exist and troubleshoots noncomplex Information Security issues.
  • Performs physical site assessments of business partners, provides peer review of work product and deliverables and executes release of information analysis to third party business partners.
  • Executes the Information Security risk and control identification, evaluation, documentation, analysis and reporting processes including analytic tools.  
  • Supports the process owner execution identification, development and testing Information Security controls for risk mitigation effectiveness.
  • Responds to both verbal and written Federal and State regulatory and business partner periodic exams for Information Security risk requirements.
  • Maintains strategic and operational risk reporting and analytics as well as address responses to audit questions, and findings.
Minimum Requirements:
  • Bachelor's degree OR 4 additional years of related experience beyond the minimum required may be substituted in lieu of a degree.
  • 4+ years experience developing and implementing Information Security Applications.
  • Proficient knowledge of Information Security technical discipline.
  • Team oriented innovative thinker who is a self-starter and drives change.
  • Experience with Third Party Risk Management and assessments/audits within the Information Security domain.
  • Working knowledge of NIST Cybersecurity Framework.
  • Experience working with RSA Archer Governance Risk and Compliance (GRC) tool.
  • Experience in financial sector regulatory requirements and sensitive data controls to protect PCI, PHI, PII and IP data.
  • INFOSEC certification to include one or more of the following CISSP/CEH/CISA/CRISC/CCSA/CTPRP
  • Ability to Travel up to 40%
The above description reflects the details considered necessary to describe the principal functions of the job and should not be construed as a detailed description of all the work requirements that may be performed in the job.
Employees enjoy one of the best benefits packages in the business, including a flexible business casual or casual dress environment, comprehensive medical, dental and vision plans, along with wellness and wealth building programs.
For more information, please apply below or contact us
this job portal is powered by CATS