Cybersecurity Risk Management Program Lead - Need Local to CA at Remote, Remote, USA |
Email: [email protected] |
Role: Cybersecurity Risk Management Program Lead
Location: 4 days onsite per week - Rocklin, CA or San Francisco, CA
Work Authorization: No Restriction open to all Contract

Top Requirements:
- Retail experience
- Supply chain experience if no retail
- Deep compliance experience
- Need someone to come in and tailor the cybersecurity framework to the NIST standard
- Current framework: we are using a tool-based approach
- Risk module within ServiceNow GRC (out-of-the-box risk assessment platform)
- Strong background in cybersecurity, risk management, and regulatory compliance
- Experience with a wide range of technology; anticipate potential risks in a variety of technical platforms and applications:
    Platforms: UNIX/Linux, AS400, Windows
    Applications: E-comm, retail, stores, corporate shared services, PCI requirements, SOX requirements
- Identify the kinds of risks that a multi-channel retailer is susceptible to
- Experience in presenting cybersecurity risk in business language (board of directors/non-technical)
- Experience with the MITRE ATT&CK framework
- Bachelor's degree in Cybersecurity, Information Technology, Computer Science, or a related field, or equivalent experience
- Minimum of 7-10 years of experience in cybersecurity, with at least 5 years in a risk management role
- Proven experience in leading cybersecurity risk management programs
- Federal or military risk management program experience is a big plus
- In-depth knowledge of risk assessment and risk analysis
- Experience in the retail industry a plus
- Experience in a leadership role within a medium to large organization
- Understand information security holistically and how it relates to business goals
- Excellent written, oral, and interpersonal communication skills with proven ability to champion causes with positive impact and change
- Strong analytical skills
- Extensive knowledge and experience with information security standards and methodologies, including NIST 800-53, NIST CSF, PCI DSS, ISO 9000 series, COBIT, Sarbanes-Oxley, HIPAA, and other relevant industry security standards

Nice to have:
- CISSP, CISM, CRISC or similar certification [e.g., GIAC Certified ISO-17799 Specialist (G7799)]
- Privacy certification (e.g., Certified Information Privacy Professional)
- Experience interfacing with and communicating information on complex privacy and security compliance issues to senior management, business units, and external parties
- Experience with the ServiceNow Integrated Risk Management (IRM) tool
- Experienced in reviewing contracts for security risks and negotiating security terms with third parties

Thanks,
Prashanth
Mon Oct 28 21:06:00 UTC 2024 |