Our client is looking to hire an accomplished information security professional to join its Information Security Department. The position requires frequent, close collaboration with US-based enterprise leadership, business units with unique technical needs, experts in the Information Systems Department, and international department personnel. In this role, you will develop and advocate information security educational resources and solutions that promote resilient security culture throughout the enterprise. Support the establishment, implementation, documentation, and adherence to information security standards to protect essential company information assets systems, services and sites. Understand the risk associations within and across the following areas: people, processes, applications, data stores, platforms, networks and physical components. Use this understanding to assess the probability and impact of relevant risks as well as design, test and implement risk mitigating solutions, including security policies, processes and technologies. Develop enterprise strategy for security awareness training, facilitate, promote and support the delivery of effective content, and demonstrate effectiveness via metrics and change over time. Training may generally apply to all members of the workforce, including employees and third-party workers. Training may also be targeted to roles and personas , including worker level (e.g., executives, managers, individual contributors), worker role (e.g., technology enablers and administrators) or department (e.g., factory, R&D). Assist communications strategy for the incident response management program. Areas of focus include planning, program development, documentation, knowledge sharing, coordination with participating teams, response (e.g., containment, eradication) and recovery as well as any necessary post-incident activities. Research and recommend security solutions to the Information Security Department and business leaders, contributing to program maturity and continuous improvement.
We are a company committed to creating inclusive environments where people can bring their full, authentic selves to work every day. We are an equal opportunity employer that believes everyone matters. Qualified candidates will receive consideration for employment opportunities without regard to race, religion, sex, age, marital status, national origin, sexual orientation, citizenship status, disability, or any other status or characteristic protected by applicable laws, regulations, and ordinances. If you need assistance and/or a reasonable accommodation due to a disability during the application or recruiting process, please send a request to
Human Resources Request Form. The EEOC "Know Your Rights" Poster is available
here.
To learn more about how we collect, keep, and process your private information, please review Insight Global's Workforce Privacy Policy:
https://insightglobal.com/workforce-privacy-policy/ .
6+ years of experience within InfoSec Security Engineering related roles
o Focusing on security risk and compliance management, security operations, incident response management, auditing, research, analytics, etc
Bachelors degree of higher within one or more fields above
One or more of the following certifications is preferred:
o CRISC, CISSP, CISA, CISM, GIAC, CompTIA Security+, CEH, SSAP
Experience applying InfoSec supporting development of information security or other risk mitigation related policies, solutions and processes.
Experience with developing communications and outreach strategies for both business and technical audiences
Experience communicating takeaways from data to Executive Leadership
Benefit packages for this role will start on the 31st day of employment and include medical, dental, and vision insurance, as well as HSA, FSA, and DCFSA account options, and 401k retirement account access with employer matching. Employees in this role are also entitled to paid sick leave and/or other paid time off as provided by applicable law.