| Information Security Engineer at Phoenix, Arizona, USA |
| Email: [email protected] |
|
http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=266822&uid= From: John, Fluxtek [email protected] Reply to: [email protected] Role: Information Security Engineer Location: Phoenix, AZ(Initial remote upto 3-4 months after that it is onsite) Duration: Logn Term Contract JD: The ideal candidate is Knowledgeable in multiple areas of technology, with hands-on experience and technical expertise across all Information Security domains Experienced with local, national, and international financial services and privacy regulations, such as GLBA, NYDFS, GDPR, CCPA, etc. and credit card industry standards, such as PCI-DSS. An agile thinker, passionate and energetic; highly collaborative, possessing strong cultural awareness and fantastic written and verbal communication skills Primary Responsibilities Provide Information Security subject matter expertise to General Counsel Organization, Third Party Lifecycle Management, Global Procurement, and Global Business Units organizations for the inclusion of Information Security and IT Risk requirements into third party supplier and non-supplier contracts Negotiate cybersecurity contractual addendums, riders, etc. directly with third party account managers, attorneys, and information security staff; effectively communicate American Express requirements to technical and non-technical representatives of third parties Facilitate alignment across internal and external third party stakeholders Evaluate criticality of issues and advise internal stakeholders with a risk-based approach and an understanding of Business objectives Additional Responsibilities Provide feedback to leadership, including regular reporting and metrics, in order to assist with the governance and overall growth of the third party security program Provide guidance during risk acceptance process relating to third parties Understand cybersecurity and regulatory issues specific to the third party landscape by connecting with peers, experts, standards organizations, and industry forums Provide training, including the development of training materials, to internal stakeholders Partner with internal stakeholders to develop, improve, and document processes Assist with and participate in third party cyber incident response and outreach activity as needed Qualifications 7-10 years of experience, in positions of increasing responsibility, in Information Security risk assessments, cyber security operations, threat and vulnerability management, security architecture, or cyber security incident response Prior experience with contract negotiation Ability to effectively communicate and articulate Information Security risks Understanding of what information or assets are of value to threat actors and how organizations and data are breached, including through relationships with external third parties Strong familiarity with industry standards and control frameworks, risk assessment frameworks, security assurance auditing standards, best practices guidelines, such as ISO27001, NIST CSF, FAIR, SSAE16/18, CSA, CIS Top 20, OWASP Top 10, etc. Understanding of and experience with modern security controls, technologies, and procedures, including: vulnerability scanning, penetration testing, encryption, endpoint and anti-malware protection, network security, DLP systems, logging systems, physical security systems etc. Strong familiarity with cloud based services, architectures, and underlying management frameworks Familiar with network architectures and data exchange protocols, such as API usage, secure file transfers, etc. Familiar with cyber resiliency, disaster recovery, and business continuity concepts Basic understanding of cyber incident response, investigation, and forensic analysis Must have excellent verbal and written communication skills, interpersonal collaborative skills, and the ability to communicate security and risk-related concepts to technical and non-technical audiences. Must possess the ability to multitask, prioritize, and manage time effectively Must be able to pay strong attention to detail Bachelor's degree in Cybersecurity, Computer Science or Information Systems, or equivalent combination of education and experience preferred CISSP, CISM or similar certifications preferred Thanks & Regards..... John Chinthala Technical Recruiter - Fluxtek Solutions Inc D : 832 - 361 - 3756 Ext : 258 Whatsapp :+1 (832) 558 - 4407 E: [email protected] https://www.linkedin.com/in/john-sung-chinthala-7b6b9523a/ Certified Woman-Owned Business Enterprise (WMBE) Keywords: information technology http://bit.ly/4ey8w48 https://jobs.nvoids.com/job_details.jsp?id=266822&uid= |
| [email protected] View All |
| 11:33 PM 10-Jan-23 |