*Hi Partners,* ** *Greetings,* ** *Hope you are doing Well!!!!!!!!!!!!!!!* ** *Please forward a profiles to **[email protected]*<[email protected]> ** *Here are the requirement details* * *
Location: Detroit, MI Duration: 4-5 months contract *Description:* Primary Emphasis: - Information Security Governance, Risk and Performance (GRP) Analyst position shall be responsible for the verification and audit of information security controls, documentation, and issuance management reports opening on the design and effectiveness of controls. - These roles will be responsible for the evaluation and response of information security risk associated with vendors and key 3rd party relationships. - These roles will also coordinate and create training and awareness activities for the enterprise. - Finally, these roles will design and operate key operational and executive metrics, reports and dashboards. Dimensions: - The Information Security Governance, Risk and Performance Analyst is responsible for the day-to-day management of information security risk and compliance. Work Direction: - Information Security GRP – Policies, Standards and Controls Team Leader - Information Security GRP – Information Security Risk Management Team Leader Information Security GRP Team - Principal Activities - Day-to-day management of information security risk identification, mitigation and acceptance processes in coordination with security operations. - Execution of training, education and awareness of all users, managers and board members regarding information security requirements and expectations. - Operational risk planning, mitigation and remediation to address information security deficiencies. - Development of policies, procedures and standards to ensure and enhance security. - Perform vendor and 3rd party risk assessments. - Track remediation of risks and work with business areas to correct known gaps. Problem Solving: - Risk planning, mitigation and remediation to address information security deficiencies. - Keeps abreast of the latest in security, risk, and compliance related to client data assets. - Makes appropriate recommendations regarding the purchase of new monitoring, auditing, security tools. Nature and Source of Control: - The Information Security Governance, Risk and Performance (ISGRP) department has wide latitude to develop and execute plans, perform risk assessment/acceptance and respond to operational needs to meet organizational objectives. - The ISGRP area is the architect of the policy and risk foundation for the organization and sets the tone for what becomes the risk tolerance of the organization. - To do so requires careful coordination across the organization. - Further, the ISGRP team is the one of the principal points of contact for the governance of information security. - As such, the ISGRP requires latitude to work with the Information Security Working Group, Corporate Compliance Committee, Operating Committee and executive leadership. - Assessment and acceptance of risk requires careful coordination across all business and functional organizations. Impact of Errors - Failure to effectively establish, implement and monitor policy, standards and controls and accurately assess and manage risk could lead to regulatory violations and sanctions, ineffective and inappropriate use of resources, short and long term degradation of existing technical capabilities, negative impact of user productivity and hindrance of the business’s ability to meet its objectives and serve our members. Contact with Others: - The ISGRP team’s role requires frequent contact with many functional and business units: Systems Operations, Systems Development, Information Security Working Group, Corporate Compliance, Audit, Legal and others. - The development, implementation and monitoring of policy, standards and controls is critical to success and requires extensive interaction with several affected parties. *Required Skills:* - Strong understanding of information security and the relationship between threat, vulnerability and information value in the context of risk management. - Good understanding of risk-based decision-making (i.e. risk analysis, mitigation, resolution, acceptance, etc.) - Possess a good understanding of appropriate leading-edge governance-enabling technologies. - Demonstrated ability to build effective, cohesive and collaborative team. - Strong demonstrated ability to skillfully hire, develop, lead, motivate, performance manage, and coach a cross-section of security and technology professionals and managers - Must have at least one of the following active certifications: CISA, CISM, CISSP - Other related certifications such as ITIL, PMP, SANS/GSEC, CIPP, CRISC, CFE, CGEIT, CPA/CA are preferred, but not required. - Minimum of 2 years leadership in information security policy, standards, architecture, technology and programs. - Minimum of 1 years of experience in healthcare or compliance-oriented industry is preferred. - “Big Four” or consulting experience is preferred, but not required. - Extensive experience building and managing a diverse and inclusive team environment with strong commitment to respect, equality and teaming. *Education:* - Bachelor’s degree in computer science, information systems, engineering, business administration or a related field is required. - Masters degree in computer science, information systems, engineering, business administration or a related field is preferred, but not required. -- Regards, Shankar 248-522-6879 Technology consultanst inc -- You received this message because you are subscribed to the Google Groups "SAP ABAP" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/sap-abap?hl=en.
