Job Description :
Job Title :Security Risk & Compliance Specialist II
Client Company :Educational Testing Service
Location:Princeton, NJ
Mode of Interview : F2F
Submit only local profiles
Job Description :
· Oversee all phases of Information Security initiatives
· Define, identify and classify information assets, assess threats and vulnerabilities regarding those assets, as well as recommend appropriate information security controls and measures.
· Develop, implement and monitor compliance with information security policies, standards, guidelines and procedures "
· Evaluate security risks and compliance with policies and standards
· Design and/or configure information security controls in new systems being developed, as well as technology products/software purchased
· Develop and implement security measures for information systems to prevent security breaches
· Investigate and analyze causes, patterns and trends that can pose a risk to data integrity and information systems
· Monitor security reports to identify and mitigate IT risk
· Evaluate security risks and assume responsibility for compliance with security policies
· Manage project documentation (security plans, risk assessment, corrective action plans, etc
· Perform risk assessments and execute testing of data processing systems
· Keep stakeholders informed about security-related issues and activities affecting the assigned area or project
· Investigate security breaches and create actionable plans to address risks
· Participate in security audits and reviews to ensure compliance to IT Security policies and procedures
· Conduct data vulnerability testing and communicate findings to stakeholders
· Evaluate risk-related data and identify solutions to increase data protection mechanisms and controls throughout the enterprise
· Identify, develop and implement control processes
· Spearhead the development and maintenance of information security policies
· Lead IT Security planning sessions
· Develop and facilitate the security awareness program
· Maintain current knowledge on a wide range of security issues including architectures, firewalls, electronic data traffic and network access
Experience/Skills
· Prior experience with security audits
· Strong knowledge of security technologies and practices
· Demonstrated experience with enterprise network environments, standards and protocols
· Sound knowledge of application design and development
· Prior experience with systems analysis process and procedures
· Software development or business analyst experience
· Must be able to work in a cross-functional team environment
· Ability to interface with all levels of management, as well as work closely with technical and business staff