Sr. Cybersecurity Risk Analyst
Company: Gables Search Group
Posted on: September 25, 2022
This is an on-site position in Salisbury, MD. It is NOT a remote
position. It comes with a comprehensive relocation package.
Responsibilities: This position will actively contribute to the
on-going maturation of the company's information security program
through executing security assessments, guiding secure technology
implementations, and mitigating cyber risk. Specific
- Create and maintain partnering relationships with business
leaders and managers to advise on cybersecurity requirements for
project implementation and execution.
- Manage and guide IT and business areas on technical remediation
stemming from vulnerability assessments, pen tests, application
security assessments, audit, etc. providing prioritized remediation
- Provide input into cybersecurity strategies and plans based on
evolving technology risk and business initiatives stemming from
security assessments and industry requirements.
- Lead cybersecurity projects for identifying and mitigating risk
(maturity assessment, cyber controls assessment, PCI-DSS, HIPAA,
etc.) as needed.
- Assess the security of third-party solutions and supplier
integrations; recommend appropriate security controls and
- Track, measure, validate, and report on risk identification,
acceptances, and remediation efforts.
- Maintain information security policies and standards to support
the on-going protection and security requirements for the
- Support CSIRT and cybersecurity operations teams during
tabletop exercises, incident response, legal request, and internal
investigation as needed based on aligned business/IT areas.
Requirements: A Bachelor's degree in Information Systems, Cyber
Security, Computer Science or a related discipline is preferred;
however, equivalent years of experience may be considered in lieu
of educational requirements. Specific requirements include:
- A minimum of seven (7) years of Information Technology
experience, with at least three (3) years within Information
Security (More without degree.)
- Technical or cybersecurity background (e.g. security
operations, security engineering) that can effectively lead and
advise on cybersecurity implementation, assessments, and cyber risk
reduction strategies for IT and business initiatives.
- Previous experience in one of the following domains:
cybersecurity operations, architecture, or engineering.
- Experience engaging vendors and consultants to execute cyber
- Working knowledge of industry control frameworks and standards:
NIST CSF, CIS, OWASP, and MITRE ATT&CK.
- Proficiency in information security domains, including risk and
control assessments, policies and standards, secure systems
development lifecycle, regulatory compliance, access controls,
incident management, vulnerability management, and data
- Understanding of cyber security threat modeling, risk
management concepts, cyber security frameworks, secure coding
principles, and security technologies.
- One of the following certifications is preferred but not
required: CISSP, CISM, CRISC, GSEC, GCIH, Security+.
- Experience with one or more of the following industry regulations:
PCI-DSS, HIPAA, DHS-CFATS.
Keywords: Gables Search Group, Baltimore, Sr. Cybersecurity Risk Analyst, Professions, Salisbury, Maryland