Risk Manager - Cyber

About The Position

Requirements

• Bachelor's degree in Information Assurance, Information Security, Information Systems or related field preferred
• Information Security certifications and Security Product Certifications are desirable
• 6+ years information security experience in a large and complex business environment
• 3+ years experience identifying and remediating application security risks as part of vulnerability assessments and remediation programs
• Strong knowledge of the development of application security assessment and code review methodologies
• Strong knowledge of application security vulnerabilities, remediation and mitigation techniques, and secure coding practices
• Working knowledge of automated application security scanning tools such as Qualys, Splunk, Prisma Cloud or other similar commercial solutions
• Working knowledge of manual assessment tools, automation scripts and other commercial and open source tools is preferred
• Strong analytical skills to troubleshoot technical problems and determine resolution
• Strong knowledge of web technologies (.ASP, .NET, Java)
• Exposure to Application Security Maturity Models
• Collaborates effectively with cross-functional entities across the enterprise
• Organizational direction, time management, problem-solving, prioritization, goal setting, leadership and motivation, negotiation, interpersonal relations, verbal/written communications and human resource management

Responsibilities

• Delivering centralized application security services
• Providing dedicated security functions in accordance to the needs, risk level, and plans provided by the corporate security plan
• Managing the risk posture, regulatory compliancy assurance, and the coordination of security plans in conjunction with the Senior Director of Risk Management
• Monitor, schedule and communicate information security tasks, events and trends
• Identification, monitoring and reporting of risk items to the Senior Director of Risk Management
• Development and reporting of key metrics
• Documentation of the application security program (Secure Coding Policies, Security Guidelines, Best Practices, Checklists, etc.)
• Mentorship and guidance to business security champions and other security analysts
• Performs other related duties as assigned

Benefits

• Medical, dental, vision insurance
• Parental leave
• Paid time off
• 401(k) plan with employee and company contribution opportunities
• Life, disability, and accident insurance
• Discounted employee stock purchase plan
• Tuition reimbursement