Hi,


Hope you are doing great!!



We have an immediate requirement with our client and the details are as
follows.





*Role:* *Sr. Security & Risk Management Consultant*

*Duration: 6+ months*

*Location: New York City, NY*







*Job Description*

*Principal Duties and Responsibilities:*

   - *Support the Chief Risk & Security Officer in the development and
   execution of risk management and risk communication strategies*
   - *Provide strategic direction to all the security departments that is
   aligned with corporate business objectives and regulatory requirements.*
   - *Manage/mature Information security & risk management (ISRM)
   processes, program and strategy as well as align all activities with COBIT
   5 security and risk management as well as NIST cybersecurity framework*
   - Collaborate with team members, peers and the business unit management
   team to determine technical information security requirements, planned
   remediation, and advocate for the program to gain resources to implement
   appropriate protection technologies and processes.
   - Ensure continuous security compliance and monitoring
   - Make proactive assessments of threat information in and outside the
   public domain, understanding the threat as it relates to HHC and implement
   measures to combat the threat. Make technical risk-based decisions on a
   daily basis that have the potential to impact our client's ability to operate
   and communicate.
   - Ensure data security controls for HHC are appropriate and operating as
   intended; includes solutions that are directly controlled as well as
   security solutions that are operated by other internal and external groups.
   - Provide status reports on a weekly, monthly and quarterly basis to
   business managers and other management activities that demonstrate the
   health of the program. Develop board level metrics and key risk indicators
   on overall state of security posture and demonstrate increase in the
   maturity of the program
   - Drive effective delivery of multi-year, multi-million dollar IT
   Security projects to achieve the strategic and operational plans.
   - Manage and mentor direct reports that will include security managers
   (Assistant Directors) as well as level 3 security
   architect/engineer/analysts
   - Develop and manage security budget, secure funding for necessary
   security controls
   - Build a security and risk aware culture
   - Manage relationships with multiple vendors, New York State, DoH, FBI,
   HHS and OCR
   - Respond to all IT security requests from internal and external
   auditors.
   - Assist the Governance group in the development and refinement of
   technical security standards, key performance indicators and other
   necessary processes to maintain effective operational security, as it
   relates to HHC.

*Qualifications / Required Skills:*

   - *Bachelor’s in Information Systems required*
   - *10 years of hands-on information security experience with at least 5
   years as a lead/manager/department head leading a multi-disciplinary
   security department*
   - *At least 3 years working in a regulated industry (healthcare
   preferred)*
   - A broad, enterprise-wide view of businesses and understanding of
   security strategy
   - Experience with development of strategic IT security plan, goals and
   budgets
   - Directly responsible for completion of multiple multi-year
   enterprise-wide Network, Endpoint and Application security projects involving multiple
   vendors and other IT departments while maintaining/managing daily operations
   - Experience using project management tools to perform functions such as
   tracking project status, effort reporting, resource/capacity planning and
   prioritization
   - Experience administering tools for services such as the following:
   anti-virus, vulnerability assessments and remediation, intrusion prevention
   system (IPS), security incident event management (SIEM), log
   monitoring/correlation, security incident tracking, internal and external
   penetration testing, advanced firewall and other network protection,
   end-point workstation security protection, mobile device security and
   encryption
   - Knowledgeable of cloud and mobile device security requirements, risks
   and mitigation strategies.
   - Ability to rapidly comprehend and interpret the functions and
   capabilities of new technologies.
   - *Thorough knowledge of SDLC, HIPAA security rule, COBIT and NIST and
   the ability to apply Information Security principles to business solutions.*
   - Strong analytical skills and the ability to resolve complex security
   vulnerabilities and design compensating controls
   - Excellent written and verbal communication skills; interpersonal skills
   - Must possess a high degree of integrity and trust along with the
   ability to work independently as well as motivate others
   - CISSP, CISM, CRISC, GIAC or other technical security certifications.





Thank You.



*Best Regards…*





*Rajender Reddy | Sr. Talent Acquisition*

*Infosmart Systems Inc | Frisco, TX*

Email : [email protected] | www.infosmartsys.com

-- 
You received this message because you are subscribed to the Google Groups "SAP 
BASIS" group.