About the job ISO Security Specialist-Incidents
General Description
Provide technical leadership in the creation, establishment, and maintenance of the information technology/security risk framework, processes, and controls, taking into consideration the overall business strategy, legal/regulatory requirements, and other best practices. Perform security assessment to applications, systems, and vendors. Manage the various risks, which may threaten the very success of the organization and propose methodologies to eliminate or minimize them.
Essential Duties and Responsibilities
Leads the security investigations related to applications, user account, and vendors.
Manage incident response process, from detection, response and post-incident report and actions.
Discuss and follow up action plans to address recommendations from internal processes.
Provided feedback during the Development, review, and update of Policies, Standards, and Procedures related to Information Security.
Triage new incoming issues to determine the risk levels.
Prepare documentation, metrics and reports related to security assessment.
Support other duties and responsibilities.
Escalate issues to senior leadership if you feel your issues are not being treated at the correct pace due to their impact to ensure that we are putting customers first.
Explore building and improving our tooling to make your own life easier, and at the same time, sharing that benefit with all our engineers.
Proven experience with a focus in areas such as systems, incident response, network, and/or application security. AWS Cloud experience required.
Expected to manage and enforce internal procedures and controls, problem resolution; and motivates employee to achieve peak productivity and performance.
Provide advice and recommendations to the Information Security Officers on security matters of interest and concern, and expert recommendations to leadership, IT managers and peers concerning technical and programmatic information security to help ensure that systems and data are secure across the organization.
Oversee cloud vulnerability management program, working with the Information Security Officers and the technical staff performing vulnerability-related tasks to identify and remediate vulnerabilities on a timely basis and measure program effectiveness through clear and actionable metrics.
Coordinate incident response, including planning, documentation, training, and execution of appropriate incident response to a wide range of information security scenarios.
Assess information security risk for specific systems and environments and provides guidance and recommendations to improve the overall risk assessment processes.
Evaluate the effectiveness of security controls and give recommendations for remediation and enhancements, particularly in the cloud environment.
Develops briefs, reports, training/awareness notices, and other documents concerning information security topics. Leads and/or supports various ad hoc and standing committees concerning information security topics.
Education
Bachelor's Degree in Computer Engineering or Computer Science
Bachelor's Degree from an accredited University/College in Information Systems or related fields
Experience
Three (3) years of cyber security and cloud related experience in a complex technology environment.
Certifications / Licenses
Certifications and Licenses are preferred but no required.
Knowledge, Skills, and Abilities (KSA'S)
Strong business acumen: ability to understand the needs and concerns of business stakeholders and colleagues and respond promptly and effectively to stakeholder requests. Ability to conduct analysis on work procedures, business results and recommends changes to improve the effectiveness of the business's management.
Strong technical acumen: knowledge of Cyber Security, Information Security, and Information Technology concepts. Ability to write technical instructions using programs and technology. Robust knowledge of applicable local and federal laws, regulations, and guidelines.
Communication skills: effectively interact with internal and external stakeholders. Ability to foster trusting relationships with colleagues and clients. Highly develop written and verbal communications skills, strong ability to communicate ideas (storytelling). Presents numerical data effectively. Superior communication and interpersonal skills. Excellent report-writing and presentation skills. Polished in preparing presentations, summaries, and reports for all audiences.
Analytical skills: Stays focused on main issues, prevents irrelevant issues or distractions from interfering with timely completion of assignments. Collects, research and complements data; Synthesizes complex or diverse information. Demonstrates attention to detail; Applies design principles; Generate creative solutions. Strong quantitative, research and analytical skills. Experience with data analysis, persuasive and informative writing, workload management, and process management.
Problem Solving: Identifies and resolves problems in a timely manner; Develops alternative solutions.
Project Management: Ability to prioritize and work with multiple projects and tasks with minimum supervision; self-direct and task switch between strategic and tactical initiatives regularly. Capacity to achieve results according to plan ensuring the expected quality. Excellent organization capacity to define priorities, meet deadlines, and flexible to change. Knowledge on project coordination, identification of business needs, work plan, budget control, time management, resource allocation, team management and status reports. Must demonstrate leadership, logic, and reasoning skills.
Operational/Regulations Processes: Knowledge on budget administration, resources allocation, organizations policies, and regulations. Ability to establish, conduct and track operational processes properly.
Computer and Technological Skills: Proficient in MS Office 365. Experience with data management tools such as Power Pivot, Power BI, among others is desired. Ability to achieve results by providing innovative ways of working with operational and technological considerations. Knowledge of computer flow charts and programming logic and codes
Region Locations
Puerto Rico, Florida or North Carolina.
Work Schedule
Hybrid or Remote