New York, NY
10 days ago
Cyber Security Principal
Cyber Security Principal
100% Remote
Pay: $105-110/hr

Cyber Security Principal plans, designs and/or recommends security solutions and capabilities that enable the organization to identify, protect, respond and recover from cyber threats and vulnerabilities in an off-shore/outsourcing environment.

In this role, you will drive and lead security and risk prevention solutions and programs for the Third Party Cyber Risk Management Program (TPCRM) in partnership with key technology stakeholders from the broader cyber and technology organization. Success in this role means you will have built strong collaborative relationships, effectively mitigated risks, ensured compliance with security standards, and implemented robust solutions and requirements that consisitently enhance the security of the overall TPCRM program.

Assess complex IT environments and mapping the data flow through systems/applications and organization functions
Identify and evaluate complex business and technology risks, internal control risk management, IT controls and related standards
Define, develop and implement security solutions/requirements within the TPCRM outsourcing program by utilizing NITS framework, etc. (off-shore/near-shore) . Initiate and drive risk reduction solution/requirements through operational best practices and technology improvements in partnership with the broader cyber and technology organization
Be an advocate for key business stakeholders by uncovering security risks within internal processes, technologies, and partnerships and developing a plan to manage and remediate those risks
Lead technical implementation requirements for our TPCRM outsourcing program, ensuring they are aligned with the broader cyber organization processes and standards
Hypothesize, socialize and seek feedback on security programs with various cross-functionals partners (network, endpoint, virtualized platforms, infrastructure). Establish security controls to ensure protection of off-shore systems and delivery centers
Consult on outsourcing MSA and SOW contract language to ensure security, reliability, and IT requirments are aligned with TPCRM security standards in partnership with business, legal, sourcing, privacy and IT stakeholders

Skills:
You have at least 7 years’ experience working in cybersecurity, with a focus on governance, risk, and compliance. Consideration will be given for equivalent combined experience in an IT, Risk Management or technology management capacity.
You have working knowledge of general IT and business processes and familiarity with organizational technology landscapes.
Hands-on technology administration is not required, but sufficient familiarity to participate in technical discussions is critical.
You have a deep understanding of cyber risk assessment and risk management, and familiarity with cybersecurity- and privacy-related regulatory compliance requirements, industry standards and frameworks (NIST, PCI, ISO, etc.), and key technical concepts (e.g., networking, protocols, cloud technologies).

Preferred: You have demonstrated working knowledge of at least one of the following – SSDLC, secure architecture design, threat modelling, data privacy, AI security, cloud security.
  #LI-JB1
Confirm your E-mail: Send Email