Job Description :
Job Title :Security Risk & Compliance Specialist II

Client Company :Educational Testing Service

Location:Princeton, NJ

Mode of Interview : F2F

Submit only local profiles

Job Description :

· Oversee all phases of Information Security initiatives

· Define, identify and classify information assets, assess threats and vulnerabilities regarding those assets, as well as recommend appropriate information security controls and measures.

· Develop, implement and monitor compliance with information security policies, standards, guidelines and procedures "

· Evaluate security risks and compliance with policies and standards

· Design and/or configure information security controls in new systems being developed, as well as technology products/software purchased

· Develop and implement security measures for information systems to prevent security breaches

· Investigate and analyze causes, patterns and trends that can pose a risk to data integrity and information systems

· Monitor security reports to identify and mitigate IT risk

· Evaluate security risks and assume responsibility for compliance with security policies

· Manage project documentation (security plans, risk assessment, corrective action plans, etc

· Perform risk assessments and execute testing of data processing systems

· Keep stakeholders informed about security-related issues and activities affecting the assigned area or project

· Investigate security breaches and create actionable plans to address risks

· Participate in security audits and reviews to ensure compliance to IT Security policies and procedures

· Conduct data vulnerability testing and communicate findings to stakeholders

· Evaluate risk-related data and identify solutions to increase data protection mechanisms and controls throughout the enterprise

· Identify, develop and implement control processes

· Spearhead the development and maintenance of information security policies

· Lead IT Security planning sessions

· Develop and facilitate the security awareness program

· Maintain current knowledge on a wide range of security issues including architectures, firewalls, electronic data traffic and network access


· Prior experience with security audits

· Strong knowledge of security technologies and practices

· Demonstrated experience with enterprise network environments, standards and protocols

· Sound knowledge of application design and development

· Prior experience with systems analysis process and procedures

· Software development or business analyst experience

· Must be able to work in a cross-functional team environment

· Ability to interface with all levels of management, as well as work closely with technical and business staff