Cybersecurity - Enterprise Risk Management

Post Date

Jan 30, 2025

Location

Atlanta, Georgia

ZIP/Postal Code

30318
US
Apr 01, 2025 Insight Global

Job Type

Contract-to-perm

Category

Security Engineering

Req #

ATL-759484

Pay Rate

$38 - $47 (hourly estimate)

Job Description

-Builds processes and tools to provide the business visibility of cybersecurity risks and drive accountability.
-Develops and maintains policies, standards, processes, and procedures to assess, monitor, report, escalate and remediate cyber risk while maintaining corporate compliance with mandated security regulations.
-Assesses and reviews security and controls to ensure sustainable regulatory compliance.
-Develops processes and monitoring to identify, quantify, analyze, and report risk and compliance status.
-Coordinates cyber risk management efforts including identification, assessment, tracking and resolution of risk management activities across all levels of the organization.
-Assists with training, including training material development and deployment, to ensure that compliance and risk become a sustainable business practice.
-Gathers and prepares documentation to support audits, self-assessments, data requests, etc.
-Continuously monitors and evaluates security risks, both internal and external, and develops strategies to mitigate them. This includes conducting risk assessments, threat modeling, and vulnerability management.
-Experience carrying out risk assessments, creating and managing risk registers and POAMs.
-Able to identify, select, track, and report on security metrics.

We are a company committed to creating diverse and inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity/affirmative action employer that believes everyone matters. Qualified candidates will receive consideration for employment regardless of their race, color, ethnicity, religion, sex (including pregnancy), sexual orientation, gender identity and expression, marital status, national origin, ancestry, genetic factors, age, disability, protected veteran status, military or uniformed service member status, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to HR@insightglobal.com.

To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy: https://insightglobal.com/workforce-privacy-policy/ .

Required Skills & Experience

-Bachelor's degree and 5 years of experience
-Practical knowledge of security applications and technologies, as well as operating system platforms including Windows, Mac, Linux, and Networking technologies.
-Knowledge of application and infrastructure vulnerability scanning tools (e.g., Rapid7, Nessus, Qualys, Fortify, etc.) in complex or large organizations.
-Technical background to understand the characteristics and exploitation vectors for vulnerabilities being reported.
-Knowledge of Splunk, Tenable Nessus, APIs, Excel and Power BI Platform for data analytics.
-Experience with advanced Excel data manipulation and analysis including pivot tables, light macros, intermediate formulas.
-Previous experience in analyzing data to present relevant metrics to remediation stakeholders and leadership.
-Sound knowledge of risk management frameworks and risk scoring.
-Deep understanding of cybersecurity best practices and frameworks such as NIST 800-53/171, CMMC, and RMF.
-Risk management expertise with ability to translate technical risks for business leaders.
-Experience judging the priority of a vulnerability based on risk and impact.
-Excellent written and verbal communication skills.
-One or more basic cybersecurity certifications such as: Security+, CEH, CND, CySA+, CCNA-Security or equivalent.

Nice to Have Skills & Experience

-Active Secret Clearance.
-Master's degree.
-5 years of experience in risk management.
-Experience leading or managing a Risk Management program.
-One or more advanced cybersecurity certifications such as: CISSP, CISM, CISA, CRISC, CASP, or equivalent.

Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.