Let’s Connect Today!

NextGen Person

Cyber Security Risk Management Specialist in St. Louis, MO at NextGen

Date Posted: 4/7/2018

Job Snapshot

Job Description

The Security Risk Management Specialist will support our global Information Security Risk Management initiatives. This role will work with management in developing strategy and the Information Security governance program, identifying and assessing risks to our assets. The ideal candidate for this position is a proven thought leader, problem solver and integrator of people and processes, as well as an effective internal consultant.




Principal Functional Responsibilities



  • This role will primarily be responsible for maturing the Cyber Risk Management program. Additional responsibilities may include leading process improvement activities, participating in information security assessment special projects and other assessment related activities.

  • Efficiently and effectively identify, evaluate and manage risks with the Cyber Risk Management Program.

  • Aggregate security information across business units, silos and objectives in an accessible and actionable manner and build and deliver reports to stakeholders.

  • Assess and recommend policies, standards, procedures, and controls to assure the confidentiality, integrity, and availability of the information technology environment.

  • Support the development and management of our Enterprise Cyber Risk Register.

  • Develop risk/vulnerability assessment programs and questionnaires to aid in the identification and mitigation of security risks.

  • Identify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholders.

  • Work with IT to review systems and processes for compliance with security requirements and apply industry best practices such as ISO 27001 and NIST collections of standards.




Qualifications


Education/Language



  • Bachelor's degree in Computer Science, Information Security, or related field (or appropriate experience).

  • Fluent in English, additional languages are a plus


Experience/Skills



  • 5-10 years of experience in Information Security roles (i.e. security assessments/analysis, risk management, compliance)

  • Working knowledge and understanding of information security frameworks/standards (e.g., ISO27001, NIST, COBIT, PCI, etc.)

  • Must possess excellent oral and written communication skills and the ability to communicate in both technical and business terms.

  • Ability to simultaneously handle multiple projects, adjust to changing priorities while multitasking effectively.

  • Critical thinker, self-directed with proven ability to collaborate and influence change

  • Must possess the ability to develop presentations and deliver them to senior management

  • Professional certifications in Information Security, Risk Management and/or Compliance preferred (e.g., Security+, CISSP, CISA, CISM, CRISC, etc.).