The #1 Site for IT and Engineering Jobs - search all IT and Engineering  jobs.

Information Security Risk Specialist

Job Description

Overview

Our Company:

Lennar Multifamily Communities (LMC), a wholly owned subsidiary of Lennar (NYSE:LEN), is a multifamily real estate development and operating company with a diverse portfolio of institutional quality multifamily rental communities across the US.  Between our completed developments and pipeline, LMC owns and manages over 100 communities across the US that exceeds 33,000 homes and $12 Billion in development costs and consists of high-rise, mid-rise and garden apartments.

Responsibilities

Summary of Position:

As a member of the LMC Operations and Technology Team, the Information Security Risk Specialist will directly support initiatives and activities in the areas of Information Security Risk. The Information Security Risk Specialist will assist in the development and implementation of the Technology and Information Risk Program as well as ensure adherence to management policies, processes, and standards. 

The Information Security Risk Specialist will be accountable for supporting a comprehensive technology and information risk management framework and associated policies and processes, managing information security initiatives, and championing compliance initiatives across LMC.

Principal Duties and Responsibilities:

  • Assist in the development, implementation and administration of the technology and information risk management frameworks, policies, standards, and best practices in support of the LMC Operations and Technology Team.
  • Responsible for the measuring and tracking of in-place controls to support legal and regulatory compliance in the protection of all of LMC’s information assets.
  • Provide support in the identification and evaluation of risks, particularly when evaluating the risk and controls of high-risk systems and applications.
  • Provide education and advisory services to applications/systems/data owners to champion control objectives and benefits.
  • Assist in the development and maintenance of system security plans and contingency plans for all systems within scope.
  • Facilitate the implementation of process changes to address emerging technology and information risk requirements or address weaknesses discovered through monitoring, testing, or audit procedures.
  • Provide technical expertise and assistance with the design, deployment, and maintenance of LMC’s security solutions.
  • Assist in the acquisition and vendor compliance assessment, procurement and evaluation of vendors and products.
  • Participate in the risk assessment to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies.
  • Review risk and control assessment results and communicate with the application/systems data owners key concerns and questions.
  • Participate in remediation efforts and recommendations as it relates to external and internal security audits.
  • Review risk and control self-assessment results and communicate with the application/systems data owners key concerns and questions.
  • Administrate the Security Awareness program to address identified weakness in team knowledge and enable a strong security awareness culture.
  • Facilitate effective communication between Information Security, IT Operation and other departments and/or business units.
  • Support research and analysis on the impacts on system modifications, technological advances, and malicious code.
  • Apply and maintain understanding of security standards and best practice frameworks.

General Overview of Compensation & Benefits:

  • The median base compensation for this position is estimated to be $105,000.00 [annualized], subject to adjustment based on business-related factors including employee qualifications and operational considerations.
  • This position may be eligible for performance-based bonuses as determined in the Company’s sole discretion.
  • This position will be eligible for company benefits in accordance with Company policy. We offer a competitive total rewards package including medical, dental and vision coverage along with a broad range of supplemental benefits including 401k Retirement Plan, prepaid legal assistance, and more. We also offer paid time off for vacation, sickness, holiday, and bereavement. We are pleased to be able to provide 100% company paid life insurance and long-term disability insurance.
  • This information is intended to be a general overview and may be modified by the Company due to factors affecting the business.

Applicants may apply for this position via our careers website.

Qualifications

Education and Experience Requirements:

  • Bachelor’s in computer science, Information Systems Security, or related field.
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) desired.
  • Minimum 2-4 years of experience in a similar role with a proven record of successful development and management of compliance management frameworks at a mid to large-scale enterprise environments.
  • Experience developing frameworks and processes to drive a risk-based approach incorporating standard frameworks such as COBIT, ITIL, ISO and NIST into an enterprise compliance management process.
  • Experience with policy and control development as it relates to meeting compliance requirements from relevant regulations.
  • Capable of maintaining an effective program structure that emphasizes the coordination of resources across projects and managing deliverables between projects.
  • Experience with the development of formal written reports to communicate audit results and recommendations to management and business stakeholders.
  • Experience effectively communicating technical concepts to the business and non-technical individuals.
  • Considerable writing proficiency, oral presentation skills, problem solving and decision-making skills.
  • Excellent verbal and written communication skills, including executive-level presentations.
  • Ability to deal effectively with a wide range of internal and external customers, vendors, service providers, and regulatory agencies.
  • Ability to facilitate productive meetings and work successfully in a team-oriented environment.
  • Have the ability to handle multiple competing priorities in a fast-paced environment.
  • Ability to work well under minimal supervision.
  • Some travel may be required for internal, conference, customer, partner, and vendor meetings.

Physical Requirements:

This is primarily a sedentary office position which requires the Information Security Risk Specialist to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary.

 

This description outlines the basic responsibilities and requirements for the position noted. This is not a comprehensive listing of all job duties of the Associate. Duties, responsibilities, and activities may change at any time with or without notice.

#CB #EG

Type

Regular Full-Time

Job Requirements

 

Job Snapshot

Location US-KS-Work From Home - Nationwide
Employment Type Full-Time
Pay Type Year
Pay Rate N/A
Store Type Other, IT & Technical
Apply

Company Overview

LMC, A Lennar Company

Opportunity awaits at Lennar! As one of America's leading homebuilders, we make it easy to map out your future success with a wide variety of opportunities for career growth in the most desirable real estate markets. We seek spirited, passionate and energetic Team players with an eagerness to learn, a fiery determination to succeed and a burning desire to excel. Learn More

Contact Information

US-KS-Work From Home - Nationwide
Snapshot
LMC, A Lennar Company
Company:
US-KS-Work From Home - Nationwide
Location:
Full-Time
Employment Type:
Year
Pay Type:
N/A
Pay Rate:
Other, IT & Technical
Store Type:

Job Description

Overview

Our Company:

Lennar Multifamily Communities (LMC), a wholly owned subsidiary of Lennar (NYSE:LEN), is a multifamily real estate development and operating company with a diverse portfolio of institutional quality multifamily rental communities across the US.  Between our completed developments and pipeline, LMC owns and manages over 100 communities across the US that exceeds 33,000 homes and $12 Billion in development costs and consists of high-rise, mid-rise and garden apartments.

Responsibilities

Summary of Position:

As a member of the LMC Operations and Technology Team, the Information Security Risk Specialist will directly support initiatives and activities in the areas of Information Security Risk. The Information Security Risk Specialist will assist in the development and implementation of the Technology and Information Risk Program as well as ensure adherence to management policies, processes, and standards. 

The Information Security Risk Specialist will be accountable for supporting a comprehensive technology and information risk management framework and associated policies and processes, managing information security initiatives, and championing compliance initiatives across LMC.

Principal Duties and Responsibilities:

  • Assist in the development, implementation and administration of the technology and information risk management frameworks, policies, standards, and best practices in support of the LMC Operations and Technology Team.
  • Responsible for the measuring and tracking of in-place controls to support legal and regulatory compliance in the protection of all of LMC’s information assets.
  • Provide support in the identification and evaluation of risks, particularly when evaluating the risk and controls of high-risk systems and applications.
  • Provide education and advisory services to applications/systems/data owners to champion control objectives and benefits.
  • Assist in the development and maintenance of system security plans and contingency plans for all systems within scope.
  • Facilitate the implementation of process changes to address emerging technology and information risk requirements or address weaknesses discovered through monitoring, testing, or audit procedures.
  • Provide technical expertise and assistance with the design, deployment, and maintenance of LMC’s security solutions.
  • Assist in the acquisition and vendor compliance assessment, procurement and evaluation of vendors and products.
  • Participate in the risk assessment to periodically re-evaluate sensitivity of the system, risks, and mitigation strategies.
  • Review risk and control assessment results and communicate with the application/systems data owners key concerns and questions.
  • Participate in remediation efforts and recommendations as it relates to external and internal security audits.
  • Review risk and control self-assessment results and communicate with the application/systems data owners key concerns and questions.
  • Administrate the Security Awareness program to address identified weakness in team knowledge and enable a strong security awareness culture.
  • Facilitate effective communication between Information Security, IT Operation and other departments and/or business units.
  • Support research and analysis on the impacts on system modifications, technological advances, and malicious code.
  • Apply and maintain understanding of security standards and best practice frameworks.

General Overview of Compensation & Benefits:

  • The median base compensation for this position is estimated to be $105,000.00 [annualized], subject to adjustment based on business-related factors including employee qualifications and operational considerations.
  • This position may be eligible for performance-based bonuses as determined in the Company’s sole discretion.
  • This position will be eligible for company benefits in accordance with Company policy. We offer a competitive total rewards package including medical, dental and vision coverage along with a broad range of supplemental benefits including 401k Retirement Plan, prepaid legal assistance, and more. We also offer paid time off for vacation, sickness, holiday, and bereavement. We are pleased to be able to provide 100% company paid life insurance and long-term disability insurance.
  • This information is intended to be a general overview and may be modified by the Company due to factors affecting the business.

Applicants may apply for this position via our careers website.

Qualifications

Education and Experience Requirements:

  • Bachelor’s in computer science, Information Systems Security, or related field.
  • Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or Certified in Risk and Information Systems Control (CRISC) desired.
  • Minimum 2-4 years of experience in a similar role with a proven record of successful development and management of compliance management frameworks at a mid to large-scale enterprise environments.
  • Experience developing frameworks and processes to drive a risk-based approach incorporating standard frameworks such as COBIT, ITIL, ISO and NIST into an enterprise compliance management process.
  • Experience with policy and control development as it relates to meeting compliance requirements from relevant regulations.
  • Capable of maintaining an effective program structure that emphasizes the coordination of resources across projects and managing deliverables between projects.
  • Experience with the development of formal written reports to communicate audit results and recommendations to management and business stakeholders.
  • Experience effectively communicating technical concepts to the business and non-technical individuals.
  • Considerable writing proficiency, oral presentation skills, problem solving and decision-making skills.
  • Excellent verbal and written communication skills, including executive-level presentations.
  • Ability to deal effectively with a wide range of internal and external customers, vendors, service providers, and regulatory agencies.
  • Ability to facilitate productive meetings and work successfully in a team-oriented environment.
  • Have the ability to handle multiple competing priorities in a fast-paced environment.
  • Ability to work well under minimal supervision.
  • Some travel may be required for internal, conference, customer, partner, and vendor meetings.

Physical Requirements:

This is primarily a sedentary office position which requires the Information Security Risk Specialist to have the ability to operate computer equipment, speak, hear, bend, stoop, reach, lift, and move and carry up to 25 lbs. Finger dexterity is necessary.

 

This description outlines the basic responsibilities and requirements for the position noted. This is not a comprehensive listing of all job duties of the Associate. Duties, responsibilities, and activities may change at any time with or without notice.

#CB #EG

Type

Regular Full-Time

Job Requirements

 
Mx213n6xyq8v0wtz1xh
Sologig Advice

For your privacy and protection, when applying to a job online: Never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction.Learn More

By applying to a job using sologig.com you are agreeing to comply with and be subject to the workinretail.com Terms and Conditions for use of our website. To use our website, you must agree with theTerms & Conditionsand both meet and comply with their provisions.
Information Security Risk Specialist Apply now