Job Description :
Description:
OWASP Top 10 Application Security Risks
Monitor, evaluate, and maintain systems and procedures to safeguard internal information systems, network, databases, and Web-based security. Conduct vulnerability assessments and monitor systems, network, databases and Web for potential system breaches. Respond to alerts from information security tools. Report, investigate and resolve security incidents. Educate and communicate security requirements and procedures to all users and new employees. Recommend and implement changes to enhance systems security and prevent unauthorized access. Research security trends, new methods, and techniques used in unauthorized access of data in order to preemptively eliminate the possibility of system breach. Ensure compliance with regulations and privacy laws. May oversee internal or external systems security (i.e. cloud services Career-Development position within field. Requires moderate skill sets and developing proficiency within discipline. Conducts tasks and assignments as directed. Works under moderate supervision with some latitude for independent judgment. Typically requires four to five years of relevant experience or equivalent combination of experience and education.
Additional responsibilities:
Assist in the development and management of an enterprise security risk program, including defining foundational processes, managing data repositories, identifying reporting solutions, and other supporting activities.
Perform gap analysis and security risk assessments to determine if business systems are aligned with regulatory requirements, industry standards, and internal information security policy, procedures, and standards
Review Policy exception requests to evaluate risk exposure, assign appropriate remediation activities, and track remediation progress to closure
Conduct assessments to meet compliance mandates, and collaborate with IT and business stakeholders to remediate gaps
Assist in daily governance, risk, and compliance activities as needed to support the overall IT Security mission