Job Details

Home

Security GRC Specialist ::: Austin, TX Hybrid ::: C2C :: Any except H1B, CPT,OPT at Austin, Texas, USA

http://bit.ly/4ey8w48
https://jobs.nvoids.com/job_details.jsp?id=609754&uid=

From:

Pravesh Kumar,

Sibitalent

[email protected]

Reply to:   [email protected]

Position    :

Security GRC Specialist

Location   :

Austin, TX (Hybrid)

Type          :

C2C/W2

Duration   :

6
+ Months

Visa            :

Any except H1B, CPT,OPT

Job Description:

The Security GRC Specialist Contractor serves on the Governance, Risk, Compliance (GRC) team, leads & executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical & non-technical management & the user community) and performs key risk management functions within the Security Governance department. Primary functions include lifecycle management of client responses, Policy & Standards lifecycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platforms and program management.

WHAT YOU'LL NEED:

Bachelor's degree or in lieu of degree, 5 years of work experience in IT Security.

5+ years of IS Governance, Risk, Compliance (GRC) work experience.

Strong knowledge of Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG, etc.

Technical writing experience is required. Specifically, the following types of writing: instructional content, educational writing, and technical writing.

Core Qualifications (Required)

Experienced managing timelines and being self-directed.

Interview, gather, and understand content from subject-matter experts.

Maintain accurate records and manage client security and risk requests.

Ability to perform as primary Security Subject Matter Expert (SME).

Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation.

Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the organization's security program and controls.

Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents.

Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management, and non-technical users.

Communicates succinctly and effectively.

Strong organization and critical thinking skills required.

Strong project and time management skills required.

Strong reading comprehension skills required.

Strong analytical ability with excellent written and verbal communication skills required.

Strong PC skills with Microsoft (i.e., Word, Excel, PowerPoint) required.

Ability to work independently and as a group member.

Technologies/Software (Required):

Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options.

Strong knowledge of risk management principles and practices.

Strong knowledge of security administration and role-based security controls.

Strong knowledge and use of GRC platforms.

Knowledge of host and network-based anti-malware technologies.

Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote.

Knowledge of client and server firewalling technologies and capabilities.

Knowledge of security event management (SIEM), event correlation and analysis technologies.

Knowledge of data encryption technologies.

Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities.

Knowledge of web filtering and email SPAM prevention techniques.

Knowledge of vulnerability assessment and forensic investigations tools.

Knowledge of mobile device security and Mobile Device Management solutions.

Knowledge of Privileged Access Management technologies.

Preferred Qualifications (Nice to have)

Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are highly preferred.

Prior IT Security experience in the legal industry experience is preferred.

Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred.

SharePoint administration is preferred for team intranet site management.

Thanks & Regards

Pravesh Kumar

Technical Recruiter

Email :
[email protected]

Keywords: information technology wtwo Texas
http://bit.ly/4ey8w48
https://jobs.nvoids.com/job_details.jsp?id=609754&uid=

[email protected]
View All

03:14 AM 07-Sep-23

To remove this job post send "job_kill 609754" as subject from [email protected] to [email protected]. Do not write anything extra in the subject line as this is a automatic system which will not work otherwise.

Your reply to [email protected] -

To

Subject
Message -

pkumar@sibitalent.com wrote:
From:

Pravesh Kumar,

Sibitalent

pkumar@sibitalent.com

Reply to:   pkumar@sibitalent.com

Position     :

Security GRC Specialist

Location    :

Austin, TX (Hybrid)

Type           :

C2C/W2

Duration   :

6
+ Months

Visa            :

Any except H1B, CPT,OPT

Job Description:

The Security GRC Specialist Contractor serves on the Governance, Risk, Compliance (GRC) team, leads & executes the programs within the GRC team, is a subject matter expert for Information Security (consulting to technical & non-technical management & the user community) and performs key risk management functions within the Security Governance department. Primary functions include lifecycle management of client responses, Policy & Standards lifecycle management, Security Vendor Risk program management, Security Awareness, Controls Assurance, and GRC platforms and program management.

WHAT YOU'LL NEED:

Bachelor's degree or in lieu of degree, 5 years of work experience in IT Security.

5+ years of IS Governance, Risk, Compliance (GRC) work experience.

Strong knowledge of Security frameworks and technologies such as ISO 27001, NIST, SOC, SIG, etc.

Technical writing experience is required. Specifically, the following types of writing: instructional content, educational writing, and technical writing.

Core Qualifications (Required)

Experienced managing timelines and being self-directed.

Interview, gather, and understand content from subject-matter experts.

Maintain accurate records and manage client security and risk requests.

Ability to perform as primary Security Subject Matter Expert (SME).

Ability to facilitate and lead project and vendor risk assessments with relative independence and provide guidance on secure design and operation.

Ability to independently complete and assist in completing client security questionnaires and security assessments concerning the organization's security program and controls.

Demonstrate the ability to create and maintain security policy, standard, guideline and procedure documents.

Demonstrate the ability to communicate effectively technical topics at an appropriate level of detail to varied audiences - including IT Subject Matter Experts, senior management, and non-technical users.

Communicates succinctly and effectively.

Strong organization and critical thinking skills required.

Strong project and time management skills required.

Strong reading comprehension skills required.

Strong analytical ability with excellent written and verbal communication skills required.

Strong PC skills with Microsoft (i.e., Word, Excel, PowerPoint) required.

Ability to work independently and as a group member.

Technologies/Software (Required):

Broad awareness of and exposure to diverse security tools and their capabilities, including commercial and open-source options.

Strong knowledge of risk management principles and practices.

Strong knowledge of security administration and role-based security controls.

Strong knowledge and use of GRC platforms.

Knowledge of host and network-based anti-malware technologies.

Knowledge of authentication technologies and interactions between diverse authentication platforms, both on-site and remote.

Knowledge of client and server firewalling technologies and capabilities.

Knowledge of security event management (SIEM), event correlation and analysis technologies.

Knowledge of data encryption technologies.

Strong knowledge of Intrusion Detection and Intrusion Prevention technical capabilities.

Knowledge of web filtering and email SPAM prevention techniques.

Knowledge of vulnerability assessment and forensic investigations tools.

Knowledge of mobile device security and Mobile Device Management solutions.

Knowledge of Privileged Access Management technologies.

Preferred Qualifications (Nice to have)

Certified Information Systems Security Professional (CISSP), Certified Information Security Auditor (CISA), Certified Information Security Manager (CISM), or other relevant training and certifications are highly preferred.

Prior IT Security experience in the legal industry experience is preferred.

Governance, Risk, and Compliance (GRC) tool management (Administrative and/or Engineering) is preferred.

SharePoint administration is preferred for team intranet site management.

Thanks & Regards

Pravesh Kumar

Technical Recruiter

Email : 
pkumar@sibitalent.com

Keywords: information technology wtwo Texas

Your email id:

Captcha Image:

Captcha Code:

Pages not loading, taking too much time to load, server timeout or unavailable, or any other issues please contact admin at [email protected]

Time Taken: 8

Location: Austin, Texas