*IT Security management with GRC* *Location: Louisville, KY*
*Duration: 6+ Months* *Send Resumes at r...@systelinc.com <r...@systelinc.com>* Responsibilities - Assist senior IT Security management with the design of GRC programs (Threat, Vulnerability, and Risk), GRC process engineering or enhancements, GRC tool and technology design / implementation - Provide expert-level support for GRC team responsible for tasks related to managing an enterprise-wide security governance, risk, and compliance programs - Perform assessments, analysis, rating, provide remediation recommendation and/or assist with remediation efforts using the Risk ManagementFramework - Perform assessments,and assist in identifying, tagging/documenting, and tracking company assets - Perform assessments to track system and application security weaknesses from identification to remediation/risk acceptance - Perform integrated operational risk management - Identify and prioritize risk based on impact and likelihood - Perform other risk management duties as requested, in support of the overall GRC programs, and GRC team deliverables - Assist in ensuring security programs are in compliance with applicable laws, regulations and policies to minimize risk and audit findings - Assist with tracking risk remediation efforts - Create risk metrics and reports - Assist in the development of key risk indicators, and dashboards - Assist senior IT Security management in working with key stakeholders to facilitate information risk analysis and risk management processes, identify acceptable levels of risk, and establishing roles and responsibilities with regards to information risk management - Assist senior IT Security management with forecasting/planning, reporting, trending, and managing overall risk within the Risk Register - Offer innovative ideas for continuous improvement of the program and process Required Qualifications - Significant experience with GRC methodologies, tools and enablers - Rapid7/Nexpose is a plus - Significant Knowledge of Threat, Vulnerability and Risk Management Frameworks, Methodologies and industry best practices (NIST Cyber Security Framework/SANS Top 20 Security Controls/NIST SP 800-53 Controls/ISO 27001/27002 Controls/Etc.) - Must be familiar with the Common Vulnerability Scoring System and all relative components - Experience with complex corporate IT environments and enterprise application integrations - Knowledge of General IT concepts and technologies - including, but not limited to, Windows OS, LINUX OS, UNIX OS, IP networking, Active Directory, Access Management, Configuration Management, Wireless Security, VPN technologies, authentication systems, single sign-on technologies, antivirus software, encryption methods, Intrusion Detection/Prevention systems, Email security - Must be versed in analyzing the clients network to determine (and recommend solutions) for identified security vulnerabilities and zero day attack vectors - Strong interpersonal and communication skills (written and oral) - Highly self-motivated, self-starter, and the ability to make sound recommendations to senior IT security management to assist with strategic business decisions - Detail oriented, Committed to quality - Forward looking and creative thinker, with a general problem-solving mindset Thanks & Regards *Ram G* *Sr. Resourcing Specialist* *r...@systelinc.com <r...@systelinc.com>* *Work: 678-250-9839* *Systel INC** | Atlanta, GA* <http://www.systelinc.com/> *"NATIONAL SUPPLIER OF THE YEAR - 2015" by NMSDC* *Notice of Confidentiality:* The information contained herein is intended only for the confidential use of the recipient. If the reader of this message is neither the intended recipient, nor the person responsible for delivering it to the intended recipient, you are hereby notified that you have received this communication in error, and that any review, dissemination, distribution, or copying of this communication is strictly prohibited. If you receive this in error, please notify the sender immediately by telephone, and destroy this e-mail message OR reply with the subject “*REMOVE*” such that your email would be taken out of our distribution. -- You received this message because you are subscribed to the Google Groups "Oracle-Projects" group. To unsubscribe from this group and stop receiving emails from it, send an email to oracle-projects+unsubscr...@googlegroups.com. To post to this group, send email to oracle-projects@googlegroups.com. Visit this group at https://groups.google.com/group/oracle-projects. For more options, visit https://groups.google.com/d/optout.