What you’ll be doing...
This position will be part of the Corporate Information Security Team focused on security governance and assurance. Specifically, this role will work with security leaders and business stakeholders to drive the security governance framework, facilitate adoption of security controls and standards and provide situational awareness to stakeholders regarding security risk management efforts. Candidate must be able to work independently with minimal supervision, interact effectively with IT, security, and business leaders, and apply sound information security risk management practices.
This role is responsible for actively assisting teams responsible for building, operating, and managing information assets to effectively manage their information security risks. Responsibilities will include:
Effectively navigate diverse perspectives and promote an inclusive and collaborative environment to realize beneficial security governance solutions.
Facilitate security governance conversations with diverse security, IT and business stakeholders and help ensure positive and deliberate outcomes.
Manage project tasks with urgency and purpose to allow for swift movement in developing governance related initiatives.
Assimilate complex qualitative and quantitative sources of security governance frameworks and provide recommendations that solve security governance related challenges.
Actively participate in developing security governance framework materials (policies, controls, standards) to drive consistent security risk treatment across the enterprise.
Deliver and report key metrics to provide stakeholders situational awareness regarding enterprise control and standards adoption.
Consistently deliver high quality work products that fully address the criteria for which they were intended, requires minimal modification.
Decompose complex security processes and solutions to identify relevant risk areas, potential control points, and provide sound recommendations for risk treatment.
As a contributor, takes ownership for assigned areas of responsibility and effectively manages work load to meet team deadlines.
Clearly and concisely communicates in written form and verbally to leadership and executives.
Project confidence, poise and competence under pressure while interacting with team members, partners and IT liaisons.
What we’re looking for...
You'll need to have:
Bachelor’s degree or four or more years of work experience.
Four or more years of relevant work experience.
Experience in Information Security, Technology, IT Operations, or Security Risk Management.
Even better if you have:
Bachelor’s degree in Information Systems, Technology or related field.
Certifications: CRISC, PMP, CISSP, CISM.
Knowledge of emerging technology and the security governance implications.
Demonstrated understanding of cyber security risk management concepts, cybersecurity frameworks, control standards, secure coding principles, and security technologies.
Knowledge of information security fundamentals, best practices and industry standards with prior responsibilities of protecting information assets.
Solid understanding of Verizon business operations and knowledge of the foundational technologies used across environments.
Proven expertise in security risk management while considering business drivers and implications.