Location: Maryland Heights
Posted on: August 7, 2022
This position will serve as the technical lead for the IT Security
Assurance group to ensure accurate and timely completion of
proactive, ongoing initiatives to reduce the risk of cyber threats
to the business leveraging a solid understanding of the Cyber
Security threats faced by the organization. This position is
responsible for partnering with internal and external departments
within Information Technology as well as business stakeholders in
the organization to proactively identify security deficiencies and
emerging risks for all IT and IT Security controls on a continual
basis. This position will also provide the business with technical
guidance to satisfy a variety of regulatory monitoring
MAJOR DUTIES AND RESPONSIBILITIES
- Actively and consistently supports all efforts to simplify and
enhance the customer experience.
- Analyze, interpret, and present complex security requirements
to Executive and IT management, IT staff, peers and non-technical
team members to drive understanding, awareness, and adoption of
sound security practices.
- Develop in-depth technical process workflows in order to
provide continuous, ongoing monitoring of all IT systems from a
- Conduct in depth testing of business defined controls of IT
applications to ensure compliance and effectiveness with PCI, NIST,
and SOX requirements. Configure remedy based on control testing to
enhance security posture within system.
- Develop automated scripts, reporting and automation
capabilities to support internal IT Security continuous monitoring
- Provide recommendations on technical guidance and support a
variety of regulatory compliance requirements to the business for
the implementation of sound security controls within the corporate
- Develop and present root cause and trending analysis reports
regarding security and compliance programs to senior leadership
with IT Security, business partners, and peer departments to drive
awareness and optimize continuous improvement initiatives.
- Liaise with IT Operational teams to gain understanding of
operational requirements on new project initiatives (implementing
new and upgrading business applications, decommissioning systems,
etc.) to align with IT Security, Regulatory, and Compliance
standards and frameworks.
- Partner with technical business stakeholders to successfully
mitigate security risk to the business through the continuous
security monitoring process and the development and publication of
security assurance metrics.
- Organize project and communication plans and provide updates to
the IT Security and Compliance and IT Operations teams.
- Interpret, analyze and maintains IT Security standards,
guidelines and regulations and provide recommendations to business
partners on process improvement.
- Maintain deep subject matter expertise of current cybersecurity
threats in order to respond effectively to assessment and
evaluation of security controls and continuous monitoring of
existing security controls.
- Research emerging risk and threats to establish a cohesive
strategy to present information to IT Security leadership and key
- Collaborate with other team members and leadership teams on
projects, issues, and remediation issues.
- Perform other duties as assigned.
Required Skills/Abilities and Knowledge
- Ability to read, write, speak and understand English
- Intermediate knowledge of security frameworks such as PCI, SOX,
HIPAA, NIST 800-53, Cybersecurity and/or other federal, state and
industry areas of compliance.
- Intermediate knowledge of security system configuration.
- Intermediate knowledge of File Integrity Monitoring process,
Firewall Review process, Data Loss Prevention and Patch Management
Methodologies a plus.
- Intermediate knowledge of OS (operating systems), IP networks,
and database and application functionality.
- Intermediate knowledge of application layers, networking, and
system administration in order to interpret data.
- Ability to present technical concepts to non-technical
- Ability to communication with all levels of leadership,
internal/external departments and peers,
- Strong analytical and critical thinking skills to identify
patterns or indicators of non-compliance.
- Ability to build strong relationships with Senior Leadership,
IT Staff and peers as demonstrated through an effective and
efficient compliance program.
- Strong organization and time management skills.
- Ability to manage multiple tasks / projects while ensuring
deadlines are met.
Bachelor s degree in BA or BS Management Information Systems,
Computer Science, Cybersecurity, and/ or business related
discipline, or equivalent work experience
Required Related Work Experience and Number of Years
4+ years of IT Security and/or Corporate Risk Work experience
2+ years of Information Assurance, Risk, and Cybersecurity Program
One of the following or equivalent certifications required or in
the process of obtaining:
CISSP - Certified Information Systems Security Professional
CISM - Certified Information Security Technologist
CISA - Certified Information Systems Auditor
Python 2.0 or 3.0
Tableau Data Visualization
MS Office Excel
Preferred Related Work Experience and Number of Years
1+ years of Experience working with Tripwire
Travel up to 10% required
ISE321 318275 318275BR
Keywords: SPECTRUM, Springfield , Cybersecurity Engineer, Engineering , Maryland Heights, Illinois
Didn't find what you're looking for? Search again!