*Job Title :Information Security Analyst* *Location :Minneapolis, MN.*
*Contract:6+ months* *Mode of interview: Phone/skype* *Must have an IT background for this role.* *Experience:* *• Minimum 3 years professional experience, including 1 year working in area of ITGRC or controls function. • Prior experience in Audit, risk management, governance, IT security and / or compliance functions • Proven experience dealing with ambiguous situations, and producing a consistent result with varied input* *Other Skills:* • Knowledge of information risk concepts and practices required • Knowledge of controls manifestation in large global corporations with regional and local presence is required • Experience of working across business units and geographical boundaries to engage IT, business and team members is required • Experience communicating conceptual and technical information. • Experience translating technical data into business impact information. • Ability to investigate, question and interpret internal and external security environments is required *Technical Skills:* • *Knowledge of Frameworks, including PCI, SOX and ISO 2700x* • Detailed knowledge of ITGRC, Auditing principles / practices is desired • Good understanding of Vendor management desired • Good understanding of security frameworks desired • Good project management skills desired • Experience with some networking and security technologies such as IPSEC (Internet Security Protocol), VPN (Virtual Private Network), routers, switches, firewalls, intrusion detection and prevention, data leakage, WAF (Web Application Firewall). • Experience in examining reports on security controls (SSAE-16, PCI-ROC, Application Security Assessments) *Job Function:* • Execute effective security risk assessments and coordinate with rest of the Global Privacy and Security Office (GPSO) team in delivering requited security requirements • Contribute continuous improvement to the methodologies and practices of the GPSO to attain higher capability maturity levels • Effectively manage third party security risk throughout the vendor life-cycle • Appropriately challenge and require high quality findings and issue definition from regional and local control owners • Provide support of policy / standards exceptions, report status to regional and local management, and advise on corrective actions • Maintain, manage and monitor regional and local compliance to the internal control frameworks such as the Security Policies and Standards, SOX, regulatory / legal and other obligations / requirements • Prepare stakeholder presentations for regional stakeholders and senior leadership • Provide insight on the deployment of security technology solutions at vendors, which may include technology for encryption, firewalls, authorization, authentication, intrusion detection, and gateway security controls. • Prepares status reports on security matters to analyze security risk and response of vendor security controls. Monitors and proactively recommends solutions for correcting issues related to security technology performance and capabilities of vendors. • Provides direct support to the business and IT staff for security-related issues, which may include off hour analysis of vendor security posture. • Determine and communicate security/privacy risk to partners and leaders as appropriate • Demonstrate strong knowledge of IT security controls, security risk and threats Thanks & Regards *Shamshul Qamar* *Technical recruiter* 3736 Hills-Dale Court, Santa Clara, CA 95051 Direct: 408-933-9547 Office:408-709-1760-Ext-821 www.tech-resource.com <https://www.linkedin.com/company/technology-resource-group-inc-> <https://twitter.com/TechResourceInc> -- You received this message because you are subscribed to the Google Groups "SAP or Oracle Financials" group. To unsubscribe from this group and stop receiving emails from it, send an email to sap-or-oracle-financials+unsubscr...@googlegroups.com. To post to this group, send email to sap-or-oracle-financials@googlegroups.com. Visit this group at https://groups.google.com/group/sap-or-oracle-financials. For more options, visit https://groups.google.com/d/optout.