Engineer, Information Security GRC
ICE · Provo, UT · 2 days ago
On-siteInformation TechnologyFull-time
Responsibilities
- Uses automated and manual processes to produce regular reports communicating the status of the Information Security program
- Maintains corporate Information Security policies and departmental procedures and maps them to relevant control standards
- Organizes and updates departmental documentation and responds to inquiries in an organized and repeatable fashion
- Operates periodic processes to ensure hire, transfer, and termination protocols are complied with and regular access reviews are conducted
- Builds and maintains company awareness and education programs
- Builds and operates the company platform to document, measure, and report assessments, risks, controls, findings, and remediation activity
Requirements
- University degree in Information Security, Engineering, MIS, CIS, or related discipline
- 3+ years of relevant work experience
- Experience in Cybersecurity Framework (such as NIST, COBIT)
- Experience with Systems Administration and/or IP Networking
- Experience with Regulatory Compliance
- Experience in an exchange, trading facility, or financial services
- Experience in Customer communication and Vendor evaluation
- Experience with senior management and board metrics generation and communication
Qualifications
- Advanced certifications (for example, the CISSP)
- Advanced technical writing and/or communication education and experience
Specific Technologies
- Excel
- Workflow automation tools
- Data collection, normalization, indexing, correlation, and visualization
- Scripting, regular expressions, string-parsing, light SDLC, and project management
- NIST Cyber Security Framework, CIS, and GRC Platforms
Pay
Commensurate with experience
Schedule
Varies
Benefits
TBD