SHI • Albany, NY 12260
Job #2716400008
Job Summary
The Lead Security Controls Assessor conducts comprehensive assessments of the organization's security controls within the information technology system to determine the overall effectiveness of the controls. The candidate chosen will be a key member of our IT Compliance Team within Information Security.
As the Lead Security Controls Assessor, you will work closely with the Information Security and IT departments to assess and validate the organizations security controls and compliance to applicable standards. This role will provide advisory support and recommendations on how to remediate potential gaps and issues to meet compliance objectives and security standards.
This position will report tothe Sr. Manager of IT Compliance. This position is a remote position with Home Office setup as determined by SHI management.
About Us
Since 1989, SHI International Corp. has helped organizations change the world through technology. We've grown every year since, and today we're proud to be a $14 billion global provider of IT solutions and services.
Over 17,000 organizations worldwide rely on SHI's concierge approach to help them solve what's next. But the heartbeat of SHI is our employees - all 6,000 of them. If you join our team, you'll enjoy:
Our commitment to diversity, as the largest minority- and woman-owned enterprise in the U.S.
Continuous professional growth and leadership opportunities.
Health, wellness, and financial benefits to offer peace of mind to you and your family.
World-class facilities and the technology you need to thrive - in our offices or yours.
Responsibilities
Manage security controls assessments including kickoff, submission of deliverables, final report, and executive briefing;
Conduct controls assessments of existing security measures and identify areas for improvement
Lead assessment interviews, testing, and coordinate evidence requests;
Conduct audits to ensure that security controls are implemented correctly and operating effectively;
Establish policies and procedures based on industry standards and compliance objectives;
Perform security risk assessments of new technologies and third party vendors to determine potential impact on security;
Monitor and evaluate a system's compliance with security, resilience, and dependability requirements;
Perform security reviews and identify security gaps in architecture resulting in recommendations for inclusion in the risk management strategy;
Perform security risk analysis whenever an application or system undergoes a major change;
Plan and conduct security authorization reviews and assurance case development for initial installation of systems and networks;
Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations;
Produce quality deliverables in a timely fashion;
Prepare metrics and reports for management on the status of IT Compliance objectives;
Produce documentation and diagrams as needed;
Represent the Information Security Team by participating directly with projects and provide guidance, requirements and documentation for security related purposes when requested;
Evaluate, document and maintain standards, processes and procedures relative to security and privacy;
Provide insightful recommendations to improve security posture.
Qualifications
5 years experience in Cybersecurity
Minimum 3 years' experience in a Security Controls Assessor position
Bachelor's degree in information technology or equivalent experience
Security certification such as CISA, CISM, and CISSP.
Experience with security and privacy standards (PCI, ISO27001, SOC2, NIST, GDPR, CCPA, etc.)
Required Skills
Able to meet deadlines and manage multiple projects
Able to build and foster strong working relationships
Able to present information on technical subjects in an understandable manner in both oral and written form
Able to take ownership of a project through the life cycle
Able to work independently, self-motivated
Proficient computer skills required, experience using Microsoft applications (Word, Excel, PowerPoint, Visio and Outlook)
Experience with ServiceNow or other GRC application a plus
Excellent communication and organizational skills
Certifications Required
Additional Information
The estimated annual pay range for this position is $90,000- $110,000. The compensation for this position is dependent on job-related knowledge, skills, experience, and market location and, therefore, will vary from individual to individual. Benefits may include, but are not limited to, medical, vision, dental, 401K, and flexible spending.
Equal Employment Opportunity - M/F/Disability/Protected Veteran Status
Job Wrapping 2
#INDBT
Refer a friend to this job (~~~)
Need help finding the right job?
We can recommend jobs specifically for you!
Job Locations US-Remote
Requisition ID 2024-16275
Approved Min (Total Target Comp) USD $90,000.00/Yr.
Approved Max (Total Target Comp) USD $110,000.00/Yr.
Compensation Structure Flat Base
Category Information Technology
SHI • Albany, NY 12260 • 7 Days Ago
SHI • Albany, NY 12260 • 7 Days Ago
SHI • Albany, NY 12260 • 4 Days Ago
SHI • Albany, NY 12260 • 5 Days Ago
Navarro Inc. • Schenectady, NY 12301 • Oct 16
Target • Schenectady, NY 12309 • Oct 8
Paragon • Albany, NY 12205 • Sep 6
Allied Universal • Albany, NY 12205 • Oct 5