Cyber Security Principal

Cyber Security Principal100% RemotePay: $105-110/hrOverview:Cyber Security Principal plans, designs and/or recommends security solutions and capabilities that enable the organization to identify, protect, respond and recover from cyber threats and vulnerabilities in an off-shore/outsourcing environment.Responsibilities:In this role, you will drive and lead security and risk prevention solutions and programs for the Third Party Cyber Risk Management Program (TPCRM) in partnership with key technology stakeholders from the broader cyber and technology organization. Success in this role means you will have built strong collaborative relationships, effectively mitigated risks, ensured compliance with security standards, and implemented robust solutions and requirements that consistently enhance the security of the overall TPCRM program.Assess complex IT environments and map the data flow through systems/applications and organizational functions.Identify and evaluate complex business and technology risks, internal control risk management, IT controls, and related standards.Define, develop, and implement security solutions/requirements within the TPCRM outsourcing program by utilizing NIST framework, etc. (off-shore/near-shore).Initiate and drive risk reduction solutions/requirements through operational best practices and technology improvements in partnership with the broader cyber and technology organization.Be an advocate for key business stakeholders by uncovering security risks within internal processes, technologies, and partnerships and developing a plan to manage and remediate those risks.Lead technical implementation requirements for our TPCRM outsourcing program, ensuring they are aligned with the broader cyber organization processes and standards.Hypothesize, socialize, and seek feedback on security programs with various cross-functional partners (network, endpoint, virtualized platforms, infrastructure). Establish security controls to ensure protection of off-shore systems and delivery centers.Consult on outsourcing MSA and SOW contract language to ensure security, reliability, and IT requirements are aligned with TPCRM security standards in partnership with business, legal, sourcing, privacy, and IT stakeholders.Skills:You have at least 7+ years’ experience working in cybersecurity, with a focus on governance, risk, and compliance. Consideration will be given for equivalent combined experience in an IT, Risk Management, or technology management capacity.You have working knowledge of general IT and business processes and familiarity with organizational technology landscapes.Hands-on technology administration is not required, but sufficient familiarity to participate in technical discussions is critical.You have a deep understanding of cyber risk assessment and risk management, and familiarity with cybersecurity- and privacy-related regulatory compliance requirements, industry standards and frameworks (NIST, PCI, ISO, etc.), and key technical concepts (e.g., networking, protocols, cloud technologies).Preferred:You have demonstrated working knowledge of at least one of the following – SSDLC, secure architecture design, threat modeling, data privacy, AI security, cloud security.

#J-18808-Ljbffr