Cyber Security Risk Expert IV

About The Position

Requirements

• Expert-level knowledge and proficiency with ServiceNow (SNow) Vulnerability Response (VR) and generally associated modules
• Deep understanding of SNow platform's core functionalities and components, including forms, MID servers, tables, dashboards and access control lists (ACLs)
• Proficiency in rules and scripting (e.g., JavaScript), adequate to develop, test and deploy
• Proficiency to develop and troubleshoot VR integrations, including knowledge of APIs and service graph connectors
• Proficiency in designing and developing VR-focused dashboards and reports
• Knowledge of automation coding, to automate data extrapolation, organization and dissemination, to meet the needs of the organization
• Demonstrated proficiency in successfully evaluating and supporting documentation, validation and remediation processes required to ensure new and existing information technology (IT) systems meet the organization's vulnerability remediation expectations and requirements
• Demonstrated ability to review and understand security blueprints, principles, models, designs, standards, and guidelines to ensure enterprise cybersecurity remediation support is consistent and beneficial to the organization
• Experience with vulnerability remediation and remediation processes and efforts, as well as remediation tools
• Strong organizational skills and ability to build and maintain schedules and step-by-step action plans
• Effective communication and collaboration skills to work with cross-functional teams, business units, stakeholders and IT professionals, and to conduct presentations to varying audiences and technical knowledge levels
• A minimum of thirteen (13) to twenty (20) years' relevant experience.
• A degree from an accredited College/University in the applicable field of services is preferred. four additional years of relevant experience in lieu of a college degree is required.
• If the indiviual's degree is not in the applicable field then four additional years of related experience is required.
• Works on high-visibility, or mission critical aspects of a given program, and performs all functional duties independently.
• Oversees the efforts of direct reporting resources and/or be responsible for the efforts of all staff assigned to a specific job.

Responsibilities

• Design, administer, and execute procedures for the identification, assessment, documentation, and communication of risks
• Provide recommendations to improve and sustain the security of the enterprise's data and operations
• Document the organizational risk response plan (accept, mitigate, transfer, or avoid)
• Monitor, report on, and validate, the status and efficacy of risk mitigation, transfer, or avoidance plans
• Design and administer procedures within the organization to sustain the security of the organization's data and access to its technology and communication systems
• Assess the risk of exposure of proprietary data through weaknesses in platforms, access procedures and forms of access, to the organization's systems and data contained within
• Review, collate, understand and present data, from various sources, to meet the remediation needs and expectations of the organization
• Review, investigate and assign cybersecurity vulnerabilities, for a variety of applications, systems and hardware, including cloud computing
• Manage several projects/initiatives of various sizes, complexities and risks
• Serve as subject matter expert (SME) for the VRM process