Applying information security and privacy fundamentals.
Applying risk management frameworks such as NIST, FISMA, or ISO 27000.
SSAE 16, SOC 2, Shared Assessments, FedRAMP, and other vendor risk assessment methodologies.
Governance, Risk, and Compliance (GRC) and vendor risk management tools.
Technical IT expertise in areas such as network protocols, operating systems, programming languages, encryption techniques, and intrusion detection systems to effectively analyze and respond to cybersecurity threats.
Excellent oral and written communication skills, with the ability to convey technical and security-related concepts to people at all levels of the organization.
Proficiency in the design and implementation of effective information security controls with minimal oversight.
Acute attention to detail with a high level of data integrity and accuracy.
Strong organizational and prioritization skills to handle multiple priorities.
Must be able to work both on-site and, if needed, remotely.