The #1 Site for IT and Engineering Jobs - search all IT and Engineering  jobs.
Mg255c6mp85phzxfrgb

Senior Cyber Risk Analyst

Job Description

Job Purpose:

Assist the Cyber Governance Manager (“Manager”) with the execution of NIST Cybersecurity framework for risk management through the identification, assessment, maturity measurement, monitoring and management of cyber risk across Securus and the subsidiaries. The role is responsible for the Cybersecurity program governance activities including security requirements management, risk assessments, training and awareness, policy and standards management, and KPI/metrics reporting.



Responsibilities

Essential Duties:

  • Be a champion for the CyberSTARR (Cyber Security Technology Assessment Risk Reduction) program.
  • Design cybersecurity requirements for adoption by the EPMO during planning, functional, technical requirement phase, user story creation, grooming, and design
  • Lead and assist Business and IT team with designing the environment to conform to the Securus Cybersecurity NIST CSF.
  • Conduct information systems, process, and vendor risk assessments using the NIST CSF
  • Conduct the 2nd line of defense security assessment, identify trends, and generate executive level and actionable reports on findings.
  • Lead efforts in identifying, managing, configuring, and monitoring vulnerability/penetration assessments tests and Plan of Action & Milestones
  • Implement key performance and metrics across the Cybersecurity program.
  • Promote and facilitate cyber risk, security awareness, phishing campaigns, security newsletters publications, and training programs.
  • Work with the Sales Team to analyze security questionnaires and provide a timely response to all RFPs.
  • Manage vendor relationships and maintain an IT Vendor Management Office by ensuring core security requirements and thresholds are baked in all contracts.
  • Conducts periodic security reviews and monitoring of vendors and outsourced activities to ensure contractual commitments are met consistently.
  • Create a detailed Security assessments/characterizations playbook for all technology acquisition. Provide security advice to all teams engaged in the integration.
  • Serve as primary liaison between Cybersecurity team and Business Stakeholders
  • Work closely with leaders across functional areas to ensure security standards, policies, and procedures are deeply embedded and understood.

Knowledge, Skills, and Abilities:

  • Occasional travel to subsidiary offices across North America may be required.
  • Prioritize work activities and use time efficiently, work with urgent deadlines.
  • Flexibility and adaptability in work approach
  • Excellent influencing and problem resolution skills
  • Must have very strong organizational skills.
  • Excellent communications skills with the ability to express technical concepts effectively, both verbal and in written form
  • Advanced Microsoft Office skills – PowerPoint, Excel, Outlook, and Word.
  • Strong subject matter expertise in risk management, governance, risk and Compliance (GRC)
  • Excellent problem solving, analytical, critical thinking, decision-making, communication, organization, task and time management skills.
  • Ability to manage multiple, concurrent projects.
  • Prioritize tasks, work independently, and meet deadlines with minimal supervision
  • Proficient with Microsoft Office Suite
  • Knowledge and experience with various standards (NIST CsF, PCI-DSS, SOX, FISMA, HIPAA etc.)
  • Experience with risk-centric standards/frameworks
  • Working knowledge of network infrastructure and security monitoring tools.


Qualifications

Minimum Qualifications:

  • 7+ years’ experience in Information Technology; 7+ in an Information Security role.
  • Information Security certification required. Security certifications may include, but not be limited to CISSP, CISA, CISM, GSEC, Security+, and CEH.
  • Experience with threat assessment, vulnerability analysis, risk assessment, information gathering, correlating and reporting

Preferred Qualifications:

  • 9+ years’ experience in Information Technology; 9+ in an Information Security role.
  • Experience / Certification in project management.
  • Industry standard Information Security Management Certification; i.e. CISSP, CISM

Physical Requirements:

Standing, sitting, walking, speaking, listening, bending, reaching, pushing, pulling, lifting, grasping and manipulating tools, typing, using peripheral computer tools.  May be required to lift up to 25 pounds.  The Company’s policy is to provide equal employment opportunity to all individuals in all of its employment programs and decisions. Securus Technologies, Inc., and its Subsidiaries will not discriminate against any associate or qualified job applicant with respect to any terms, privileges, or conditions of employment because of that person’s race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic or status protected under local, state or federal law, ordinance or regulation.

Job Requirements

 

Job Snapshot

Location US-TX-Carrollton
Employment Type Full-Time
Pay Type Year
Pay Rate N/A
Store Type Other
Apply

Company Overview

Securus Technologies

Securus Technologies provides leading edge civil and criminal justice technology solutions that improve public safety and modernize the incarceration experience. Thousands of public safety, law enforcement and corrections agencies rely on Securus for secure, simple and powerful technology solutions that are always accessible and easy to use. With hundreds of patents and scores of engineers, technologists, designers and thinkers innovating solutions, the technology here is second to none. Learn More

Contact Information

US-TX-Carrollton
Snapshot
Securus Technologies
Company:
US-TX-Carrollton
Location:
Full-Time
Employment Type:
Year
Pay Type:
N/A
Pay Rate:
Other
Store Type:

Job Description

Job Purpose:

Assist the Cyber Governance Manager (“Manager”) with the execution of NIST Cybersecurity framework for risk management through the identification, assessment, maturity measurement, monitoring and management of cyber risk across Securus and the subsidiaries. The role is responsible for the Cybersecurity program governance activities including security requirements management, risk assessments, training and awareness, policy and standards management, and KPI/metrics reporting.



Responsibilities

Essential Duties:

  • Be a champion for the CyberSTARR (Cyber Security Technology Assessment Risk Reduction) program.
  • Design cybersecurity requirements for adoption by the EPMO during planning, functional, technical requirement phase, user story creation, grooming, and design
  • Lead and assist Business and IT team with designing the environment to conform to the Securus Cybersecurity NIST CSF.
  • Conduct information systems, process, and vendor risk assessments using the NIST CSF
  • Conduct the 2nd line of defense security assessment, identify trends, and generate executive level and actionable reports on findings.
  • Lead efforts in identifying, managing, configuring, and monitoring vulnerability/penetration assessments tests and Plan of Action & Milestones
  • Implement key performance and metrics across the Cybersecurity program.
  • Promote and facilitate cyber risk, security awareness, phishing campaigns, security newsletters publications, and training programs.
  • Work with the Sales Team to analyze security questionnaires and provide a timely response to all RFPs.
  • Manage vendor relationships and maintain an IT Vendor Management Office by ensuring core security requirements and thresholds are baked in all contracts.
  • Conducts periodic security reviews and monitoring of vendors and outsourced activities to ensure contractual commitments are met consistently.
  • Create a detailed Security assessments/characterizations playbook for all technology acquisition. Provide security advice to all teams engaged in the integration.
  • Serve as primary liaison between Cybersecurity team and Business Stakeholders
  • Work closely with leaders across functional areas to ensure security standards, policies, and procedures are deeply embedded and understood.

Knowledge, Skills, and Abilities:

  • Occasional travel to subsidiary offices across North America may be required.
  • Prioritize work activities and use time efficiently, work with urgent deadlines.
  • Flexibility and adaptability in work approach
  • Excellent influencing and problem resolution skills
  • Must have very strong organizational skills.
  • Excellent communications skills with the ability to express technical concepts effectively, both verbal and in written form
  • Advanced Microsoft Office skills – PowerPoint, Excel, Outlook, and Word.
  • Strong subject matter expertise in risk management, governance, risk and Compliance (GRC)
  • Excellent problem solving, analytical, critical thinking, decision-making, communication, organization, task and time management skills.
  • Ability to manage multiple, concurrent projects.
  • Prioritize tasks, work independently, and meet deadlines with minimal supervision
  • Proficient with Microsoft Office Suite
  • Knowledge and experience with various standards (NIST CsF, PCI-DSS, SOX, FISMA, HIPAA etc.)
  • Experience with risk-centric standards/frameworks
  • Working knowledge of network infrastructure and security monitoring tools.


Qualifications

Minimum Qualifications:

  • 7+ years’ experience in Information Technology; 7+ in an Information Security role.
  • Information Security certification required. Security certifications may include, but not be limited to CISSP, CISA, CISM, GSEC, Security+, and CEH.
  • Experience with threat assessment, vulnerability analysis, risk assessment, information gathering, correlating and reporting

Preferred Qualifications:

  • 9+ years’ experience in Information Technology; 9+ in an Information Security role.
  • Experience / Certification in project management.
  • Industry standard Information Security Management Certification; i.e. CISSP, CISM

Physical Requirements:

Standing, sitting, walking, speaking, listening, bending, reaching, pushing, pulling, lifting, grasping and manipulating tools, typing, using peripheral computer tools.  May be required to lift up to 25 pounds.  The Company’s policy is to provide equal employment opportunity to all individuals in all of its employment programs and decisions. Securus Technologies, Inc., and its Subsidiaries will not discriminate against any associate or qualified job applicant with respect to any terms, privileges, or conditions of employment because of that person’s race, color, religion, sex, national origin, age, disability, veteran status, genetic information, sexual orientation, gender identity, or any other characteristic or status protected under local, state or federal law, ordinance or regulation.

Job Requirements

 
M4754570lxfxn3g1hqn
Sologig Advice

For your privacy and protection, when applying to a job online: Never give your social security number to a prospective employer, provide credit card or bank account information, or perform any sort of monetary transaction.Learn More

By applying to a job using sologig.com you are agreeing to comply with and be subject to the workinretail.com Terms and Conditions for use of our website. To use our website, you must agree with theTerms & Conditionsand both meet and comply with their provisions.
Senior Cyber Risk Analyst Apply now