Sr Cybersecurity Specialist

About The Position

Requirements

• At least 7 years in cybersecurity analyst, engineering, or architecture roles with increasing responsibility. Preference towards risk management/GRC background
• Undergrad work in cyber or information security, masters in cyber or business
• Certifications: CISSP, CISA, CRISC, CISM, CCISO, GIAC or other industry recognized certifications

Responsibilities

• Supports the CISO in the execution and oversight of the Foundations Information Security Program.
• Provides consistency of operations when CISO is absent/PTO.
• Possesses and can demonstrate a deep knowledge of cybersecurity concepts and risk including but not limited to
• Data Security
• Risk Management (internal, third party, nth party)
• GRC, able to understand global regulatory landscape and implications of data protection.
• Legal/contract risk
• Ability to analyze Data Protection obligations of third party and insure inclusion in contracts.
• Ability to assess terms and conditions that can be accepted or mitigated within contracts to reach consensus.
• Able to serve as a thought partner with legal when assessing contract risk.
• Identifies, assesses, and documents emerging risks to the Foundations systems and data.
• Should have proficient understanding of hybrid/SaaS environments.
• Manages risk through:
• Risk Assessments
• Security Review
• Vulnerability Management
• Threat Assessment
• Creates and maintains metrics and reports
• Security Posture
• Risk Register
• Security/Risk Remediation
• Threat/Risk
• Conduct investigations initiated by the business concerning confidential matters.
• Perform forensic investigations, data recovery or work with outside parties to facilitate recovery of data.
• Maintenance/support control set including, but not limited to
• Vulnerability Management System/Platform
• Behavioral Analytics Platform
• SIEM System
• Third-Party Risk Management Platform
• Brand Reputation