Security Specialist

* Project Management Skills
* Excellent written and verbal skills - Executive communication
* Well versed with common security management frameworks (NIST, PCI DSS, ISO 27000)
* Experience with the management of security tools
* Analysis of information security logs

Description:

The primary purpose of this position is to coordinate the corrective actions defined in remediation plans, results of penetration tests, and post-incident eradication work, and to drive those actions to resolution. This is a key role responsible for tracking all outstanding corrective actions and partnering with the appropriate remediation team to ensure actions are completed on schedule. The corrective actions will be identified by other entities; however, it will be the responsibility of the corrective action governance team to ensure that owners are aware of them and complete them within the prescribed timelines. Strong project management skills and collaboration capabilities will be required to ensure resolution of these gaps in a matrix environment. Developing metrics will be critical to show effective progress and status.

* Assist in the development, maintenance, and enhancement of the GIS Corrective Action Governance program.
* Understand information controls and how they apply to the environment.
* Understand the ever-changing environment to ensure an effective and timely response.
* Apply project management expertise across multiple simultaneous corrective actions.
* Oversee reporting on a dynamic list of corrective actions.
* Partner on high and critical priority corrective actions based upon risks and exposure to the Disney environment.
* Partner with Security/Compliance/Technical Support experts to ensure effective corrective action solutions/plans are logged and updated.
* Partner with remediation teams (DTSS Delivery, Business Unit Delivery, Suppliers, and Security/compliance organizations) to ensure corrective action statuses are updated and actions are completed as scheduled.
* Oversee the status of all on-going corrective action efforts and report out on a regular basis.
* Develop/manage program metrics/KPIs which are provided to BU Segments and DTSS leadership.
* Stay abreast of Industry Security and Compliance events and issues to maintain an effective knowledge of risks and solutions.

* Seek to continuously improve efficiencies and relationships with Security, Compliance, BUs and Technical Support organizations.
* Seek to continuously improve efficiencies related to vendor management.
* Ability to build and maintain constructive working and communications relationships with a diverse community of technical and non-technical audiences.
* Ability to articulate IT compliance requirements and design IT controls frameworks.
* Excellent planning and organization skills. Ability to focus/align tasks around critical initiatives in a time effective manner.
* Ability to coach and develop junior staff including basic quality review of work of others
* Excellent verbal, written, and presentation skills.
* Ability to develop and deliver presentations providing internal training on compliance matters.
* SharePoint administration, Excel, PowerPoint
* Ability to work in large global environments spanning multiple time-zones.
* Proven track record of successfully managing and implementing programs and projects.
* High standard of performance, attention to detail and commitment to excellence
* Thorough, with good follow-up and follow-through
* Demonstrated initiative and good judgment
* Self-starter with leadership skills and the ability to manage multiple tasks concurrently
* Ability to travel as required

Basic Qualifications:

* 5+ years of IT security and/or IT compliance or IT technical support experience
* 3+ years of program and project management experience
* Expert level of organizational skills working within a matrix organization.
* Knowledge of laws, regulations, and industry requirements related to Information Security (i.e. EU Safe Harbor Directive, Payment Card Industry, Domestic and International Privacy regulations)
* Working knowledge and experience with diverse IT architectures and enterprise IT data centers, external hosted services and cloud computing environments. Knowledge and experience with physical and virtual server configurations and implementations.
* Knowledge of configuration management, change control/problem management integration, risk assessment and acceptance, exception management and security baselines (e.g. COBIT, CIS Baselines, NIST, vendor security technical implementation guides, etc.).
* Extensive project/program management and prioritization skills
* Expert level technical support experience

Preferred Qualifications:

PMP, ITILv3, CPA, CIPT, CISSP, CISA, CISM

* Experienced in security, operations, and audits including but not limited to SSAE16, EU Safe Harbor, PCI, SOX
* Experience working with perimeter technologies (e.g., router, firewalls, web proxies and intrusion prevention, etc.) and security tools (i.e. web application scanners, vulnerability scanners, file integrity monitoring, configuration monitoring, etc.).

Beacon Hill is an Equal Opportunity Employer that values the strength diversity brings to the workplace. Individuals with Disabilities and Protected Veterans are encouraged to apply.

Company Profile:

Beacon Hill Technologies, a premier National Information Technology Staffing Group, provides world class technology talent across all industries utilizing a complete suite of staffing services. Beacon Hill Technologies’ dedicated team of recruiting and staffing experts consistently delivers quality IT professionals to solve our customers’ technical and business needs.

Beacon Hill Technologies covers a broad spectrum of IT positions, including Project Management and Business Analysis, Programming/Development, Database, Infrastructure, Quality Assurance, Production/Support and ERP roles.

Learn more about Beacon Hill Staffing Group and our specialty divisions, Beacon Hill Associates, Beacon Hill Financial, Beacon Hill HR, Beacon Hill Legal, Beacon Hill Life Sciences and Beacon Hill Technologies by visiting www.beaconhillstaffing.com.

We look forward to working with you.

Beacon Hill. Employing the Future™
