Senior Security Control Assessor

WME Needs Senior Security Control Assessor

 

Position:
Full-Time
Location: 
Remote
Start Date: 
June 1, 2023
Nationality:
Any

Windows Management Experts (WME) is looking for a Senior Security Control Assessor role. As a Senior Security Control Assessor, you will play a critical role in ensuring the security and compliance of our organization. You will be responsible for conducting security assessments, identifying, and analyzing risks, and providing guidance to stakeholders on remediation strategies. As a key member of our security team, you will lead security assessments of critical systems and applications and ensure that they meet the requirements of our security policies and standards.

You will also develop and implement security procedures and controls and provide guidance on best practices to other members of the team. That said, you will be responsible for staying up to date with the latest security trends and technologies and applying that knowledge to improve our security posture.

You will have the opportunity to make a significant impact on our organization’s security posture. You will be joining a dynamic and collaborative team and will have the support of senior leaders to help drive change and innovation. The ideal candidate for this role will have extensive experience in security assessment, risk analysis, and compliance. You will be able to demonstrate a deep understanding of security frameworks such as NIST and be able to apply them to real-world scenarios. You will also have experience with security tools and technologies and be comfortable working with technical teams to implement and maintain security controls.

All in all, WME is looking for some exceptional communication and interpersonal skills in our new team member. The candidate’s toolbox must be diverse & complete. From being technically savvy to displaying a vigorous passion for learning beyond their traditional areas of expertise, the resource must prove to be an asset to the company.

Required SkillsQualifications/Education:

  • Degree in Computer Science, Information Systems, or related discipline from an accredited college or University required.
  • 5+ years of experience conducting security control assessments of all NIST 800-53 controls.
  • Certification(s) in information technology (i.e., CISSP, CISM).
  • Thorough knowledge of NIST 800-53 security controls and required documentation.
  • Conducted security control assessments based on a Risk Management Framework approach.
  • Experience conducting risk assessments and developing security assessment reports.
  • Experience with security tools such as vulnerability scanners, intrusion detection/prevention systems, and security information and event management (SIEM) platforms.
  • Strong understanding of cloud security concepts and experience with cloud service providers such as AWS, Azure, and Google Cloud.
  • Experience with conducting security assessments of web applications and mobile applications.
  • Knowledge of security requirements for compliance standards such as HIPAA, PCI-DSS, and GDPR.
  • Ability to develop and deliver security awareness and training materials to technical and non-technical audiences.
  • Experience with conducting security audits and working with auditors to ensure compliance with regulations and standards.
  • Excellent communication skills and the ability to work collaboratively with cross-functional teams and stakeholders to achieve common security goals.

Responsibilities of the Senior Security Control Assessor:

  • Conduct security control assessments and risk analysis of systems, applications, and infrastructure to identify vulnerabilities and potential threats.
  • Develop and maintain security policies, standards, and procedures to ensure compliance with industry regulations and organizational requirements.
  • Work with technical teams to implement and maintain security controls and systems and ensure that they meet security requirements.
  • Provide guidance and recommendations to stakeholders on security best practices, risk mitigation strategies, and remediation plans.
  • Develop and deliver security training and awareness programs to technical and non-technical staff to ensure that security is integrated into all aspects of the organization.
  • Participate in incident response activities, investigate security incidents, and provide recommendations for remediation and prevention.
  • Engage with third-party vendors and partners to ensure that their security controls meet organizational requirements and comply with industry regulations.
  • Stay up to date with the latest security trends and technologies and apply that knowledge to improve the security posture of the organization.
  • Conduct security audits and assessments to ensure compliance with regulatory requirements and industry standards.
  • Lead security assessments for new projects, systems, and applications to identify and address potential security risks.
  • Provide guidance and mentorship to junior members of the security team and help to build a culture of security within the organization.
  • Develop and maintain relationships with key stakeholders, including technical teams, business leaders, and auditors, to ensure that security is integrated into all aspects of the organization.

Core Values:

  • Integrity (Doing What’s Right)
  • Inclusion (Encouraging Diversity)
  • Teamwork (Working Together)
  • Excellence (Being Your Best)
  • Accountability (Taking Personal Responsibility)

All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.

Share:

Facebook
Twitter
LinkedIn

Apply for this Job

    You can opt out if you are not interested in updates about this job and related jobs.

    On Key

    More Posts

    Network System Administrator

    Network System Administrator

    EMC Work Requirements: The education, knowledge, and skills required for this position are equivalent to that of a Network Administrator. The Contract requires that this individual possess the following: Formal Education and Certification: Network Administrator Requirements and Qualifications: Remember: Core Values: Disclaimer: All qualified applicants

    Click Here to Read Full Job Post »
    Network System Integrator-Architect

    Network System Integrator/Architect

    EMC Work Requirements: The education, knowledge, and skills required for this position are equivalent to that of a Network Administrator. The Contract requires that this individual possess the following: Formal Education and Certification: Network Integrator / Architect Requirements and Qualifications: Remember: Core Values: Disclaimer: All

    Click Here to Read Full Job Post »
    Microsoft SQL Server Consultant

    Microsoft SQL Server Consultant

    Position: Full-Time Location:  Remote Start Date:  ASAP Nationality: Any Windows Management Experts (WME) is looking for a Microsoft Tech Support SME role for one of our valued partners. The SQL Server Infrastructure expert will help us optimize and manage our SQL server environment. We are

    Click Here to Read Full Job Post »
    Dedicated Automation Tools AI Engineer

    Dedicated Automation/Tool/AI Engineer

    Position:         Full-Time (Dedicated role for nearshore/offshore resources) Location:        Offshore Start Date:      ASAP Nationality:     ANY Windows Management Experts (WME) is looking for a Dedicated Automation/Tool/AI Engineer role to join our team. At WME, we’re transforming

    Click Here to Read Full Job Post »
    Accounting-Finance Staff

    Accounting/Finance Staff

      Position: Full-Time Location:  Remote Start Date:  ASAP Nationality: Any Working Hours: 9 AM to 5 PM EST USA/ 9PM to 5AM- Manila Time Windows Management Experts (WME) is looking for an Accounting/Finance Staff role for one of our valued partners. WME empowers major companies,

    Click Here to Read Full Job Post »

      You can opt out if you are not interested in updates about this job and related jobs.