*Job Title :Information Security Analyst*
*Location :Minneapolis, MN.*
*Contract:6+ months*
*Mode of interview: Phone/skype*
*Must have an IT background for this role.*
*Experience:*
*• Minimum 3 years professional experience, including 1 year working in
area of ITGRC or controls function. • Prior experience in Audit, risk
management, governance, IT security and / or compliance functions • Proven
experience dealing with ambiguous situations, and producing a consistent
result with varied input*
*Other Skills:*
• Knowledge of information risk concepts and practices required
• Knowledge of controls manifestation in large global corporations with
regional and local presence is required
• Experience of working across business units and geographical boundaries
to engage IT, business and team members is required
• Experience communicating conceptual and technical information.
• Experience translating technical data into business impact information.
• Ability to investigate, question and interpret internal and external
security environments is required
*Technical Skills:*
• *Knowledge of Frameworks, including PCI, SOX and ISO 2700x*
• Detailed knowledge of ITGRC, Auditing principles / practices is desired
• Good understanding of Vendor management desired
• Good understanding of security frameworks desired
• Good project management skills desired
• Experience with some networking and security technologies such as IPSEC
(Internet Security Protocol), VPN (Virtual Private Network), routers,
switches, firewalls, intrusion detection and prevention, data leakage, WAF
(Web Application Firewall).
• Experience in examining reports on security controls (SSAE-16, PCI-ROC,
Application Security Assessments)
*Job Function:*
• Execute effective security risk assessments and coordinate with rest of
the Global Privacy and Security Office (GPSO) team in delivering requited
security requirements
• Contribute continuous improvement to the methodologies and practices of
the GPSO to attain higher capability maturity levels
• Effectively manage third party security risk throughout the vendor
life-cycle
• Appropriately challenge and require high quality findings and issue
definition from regional and local control owners
• Provide support of policy / standards exceptions, report status to
regional and local management, and advise on corrective actions
• Maintain, manage and monitor regional and local compliance to the
internal control frameworks such as the Security Policies and Standards,
SOX, regulatory / legal and other obligations / requirements
• Prepare stakeholder presentations for regional stakeholders and senior
leadership
• Provide insight on the deployment of security technology solutions at
vendors, which may include technology for encryption, firewalls,
authorization, authentication, intrusion detection, and gateway security
controls.
• Prepares status reports on security matters to analyze security risk and
response of vendor security controls. Monitors and proactively recommends
solutions for correcting issues related to security technology performance
and capabilities of vendors.
• Provides direct support to the business and IT staff for security-related
issues, which may include off hour analysis of vendor security posture.
• Determine and communicate security/privacy risk to partners and leaders
as appropriate
• Demonstrate strong knowledge of IT security controls, security risk and
threats
Thanks & Regards
*Shamshul Qamar*
*Technical recruiter*
3736 Hills-Dale Court,
Santa Clara, CA 95051
Direct: 408-933-9547
Office:408-709-1760-Ext-821
www.tech-resource.com
<https://www.linkedin.com/company/technology-resource-group-inc->
<https://twitter.com/TechResourceInc>
--
You received this message because you are subscribed to the Google Groups "SAP
or Oracle Financials" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to sap-or-oracle-financials+unsubscr...@googlegroups.com.
To post to this group, send email to sap-or-oracle-financials@googlegroups.com.
Visit this group at https://groups.google.com/group/sap-or-oracle-financials.
For more options, visit https://groups.google.com/d/optout.
