Job Description :
Hi,
Hope you are doing good today.
We have the below opportunity; please go through it. If you are comfortable, then revert back to me.
Risk Assessment/Vulnerability Manager
Chicago, IL
6 months
Skype

Description:

Position Purpose
The role will primarily focus on information security risk analysis and risk management processes for McDonald’s projects, efforts, and solutions across the organization. Their role will be to drive the development, implementation, and maintenance of a global risk management program. Through this they will ensure compliance with GTRM policies and standards while supporting customers in their efforts to maintain those standards in their projects and initiatives. The primary functions of this position include:

1. Conducting risk assessments on projects and efforts which will include reviewing project plans, technical documentation, and industry standard reports (SOC 2, etc.) to identify when security risks are present, determine the potential impact to the organization, and quantify the risks.
2. Processing risk acceptances in the event GTRM policies and standards are unable to be adhered to on behalf of the business owner for the risk, which will include documenting the risk and summarizing it for executive review and acceptance.
3. Assessing McDonald’s vendors from a risk perspective, including analyzing technical documentation, leveraging tools to identify any external security concerns, reviewing contract language, and other methods to determine any risks to the organization.
4. Other security management processes to ensure policies and standards are enforced and risks are identified, tracked, and managed.

Key responsibilities include:
Business Case Development - Working with internal and external peers, or other personnel to determine security capabilities needed and/or delivered by a given solution or service.
Procurement - Organize evaluation exercises and be prepared to deliver approval / disapproval messages surrounding the security aspects of a proposed solution or service. This can include participating in supplier Q&A during procurement process as needed for technical support.
Design - Provide input or offer technical or process driven suggestions to ensure other IT Solutions product teams understand potential security risks and comply with current security standards.
Research, define and articulate key elements of an effective information governance program

Requirements
BS in Information Systems, Computer Science, Business Management, or other technical degree
5-7 years of experience with specific leadership experience in operational capacities
Familiarity with complex multi-national companies and distributed business models is a plus
CISSP certification (or similar) and be knowledgeable of national and international regulatory compliances and frameworks such as ISO, SOX, BASEL II, EU DPD, HIPAA, and PCI DSS.
Proven communication skills with the ability to translate complex technical issues or concepts to non-technical audiences in a clear and concise manner that focuses on business value.
Strong ability to assess urgency and prioritization and make good decisions based upon situational circumstances.
             
