Senior Security Engineer- GRC
EAST GREENBUSH-12061, NY, US
07/05/2018
-
Required Skills
Company
Infinity Consulting Solutions, Inc
Experience
2 to 5 Year(s)
Job Description
Job Description - Senior Security Engineer- GRC
Our Client is a Billion Dollar start-up unicorn that focuses on Business Continuity and
Disaster Recovery solutions. Since established in 2007 they have grown to about 1000 employees with over 10 offices around the world.
They are currently looking to add an Information Security Engineer to their recently established security team.
This Engineer is responsible for supporting/operating a risk-based compliance program as well as practice protection guidance with respect to applicable regulatory areas.
The Information Security Analyst will be responsible for developing policy, process and procedure as well as identifying cyber risks, advancing the information security program and monitoring for compliance.
Due to the nature of the work the individual needs strong analytical, communication, controls and risk assessment skills.
Primary Responsibilities for Senior Security Engineer:
Understand the needs and implications of the various legal, privacy, and regulatory bodies that impact our business and ensure they are addressed (i.e. HIPAA, GDPR, etc.)
Manage the requirements and achievement of appropriate certification programs surrounding information security (i.e. SOC2, NIST, ISO, etc.)
Support external and customer audit requests
Conduct risk management activities and deliver metrics and reporting
Maintain a constant understanding of the cyber threat and regulatory landscape for the company; translate that knowledge to identification of risks and actionable plans to protect the business
Monitor compliance of information security policies and procedures among employees, contractors, partners and other third parties
Act as a subject matter expert to other teams and assist in the design, assessment, implementation, deployment and maintenance of security controls and processes
Review security control effectiveness and compliance on an ongoing basis
Create and implement training plans to promote security awareness among employees
Communicate the information security program to customers and their end users
Perform other related duties as assigned by management and adhere to all company policies and procedures
Qualifications for Senior Security Engineer:
5+ years of IT experience, with 3+ years Information Security
2+ years of experience in performing risk assessment or IT audits
Industry certification, such as CISSP, CISA or CISM is highly desired
Experience developing and maintaining written security controls, compliance, and defining treatment strategies
Knowledge of common information security management frameworks
Strong analytical skills to analyze security requirements and relate them to appropriate security controls
Strong business acumen and project management capability, to manage multiple small projects
Benefits for Senior Security Engineer:
Unlimited vacation Days
401k match up to 6% and it is fully vested after 2 years
If you are single 100 percent of your health plan is covered. If you have a family they will cover 75% of your plan.
Up to 250/yr on gym membership
Pet insurance 100% paid
Frequently catered lunch and breakfast as well as fully stocked kitchens.
Security Architect
Information Technology
No Preference
Contract To Hire
Other
2
Candidate Requirements
-
-
Walkin Information
-
-
-
Recruiter Details
Dough Klares
1350 Broadway, Suite 2205,
NEW YORK-10018, NY,
US
-