Senior Security Risk Assessor

About The Position

Requirements

• 5+ years of information security or related experience
• 5+ years working knowledge of common security frameworks and regulations, including but not limited to NIST 800-53, ISO 27001/2, HIPAA/HITECH, HITRUST and PCI-DSS
• 5+ years working knowledge of Information Technology including Cloud, access management, architecture, infrastructure, operating systems, application/software development, and endpoint security

Nice To Haves

• Industry related certification such as CISSP, CISM, CRISC, etc.
• Ability to comprehend implications of security risk (inherent risk, residual risks), compensating controls, etc.
• Solid written and verbal communication skills
• Ability to demonstrate critical thinking and knowledge of risk management basic processes, tools, and techniques
• Experience operating in applications including Archer, Qualys, Checkmarx, and Prisma
• Solid knowledge of Information Security policies and procedures
• Solid knowledge of regulatory (including Audit frameworks) standards, including but not limited to NIST 800-53, SOX, SOC1/SOC2 Type II audits, HIPPA/HITECH, HITRUST, and PCI-DSS
• Knowledge of current security threat and vulnerability trends
• Understanding of cloud Security best practices and frameworks

Benefits

• Affordable medical plan options
• 401(k) plan (including matching company contributions)
• Employee stock purchase plan
• No-cost programs for all colleagues including wellness screenings, tobacco cessation and weight management programs, confidential counseling and financial coaching
• Benefit solutions that address the different needs and preferences of our colleagues including paid time off, flexible work schedules, family leave, dependent care resources, colleague assistance programs, tuition assistance, retiree medical access and many other benefits depending on eligibility