The Cybersecurity Advisor will provide information security guidance and enforcement of Cybersecurity guidelines to internal and external organizations (i.e., IT delivery, Business functions, and Third-party vendors). The ideal candidate will need to be able to handle technical escalations and represent the organization in technically, politically, or otherwise challenging engagements.
Key Accountabilities:
This role will provide you the opportunity to lead key activities to progress in your career. These responsibilities include some of the following:
- Determine security requirements by evaluating business strategies and requirements.
- Work closely with IT Business Partners and Enterprise Architects in designing system solutions aligned with internal controls and security policies.
- Collaborate with the Sales, Marketing, Supply Chain, HR, Legal and Finance organization to evaluate cybersecurity risks and provide guidance for remediation.
- Provide assistance with Threat Modeling, Penetration Testing, SDLC, Secure Code Reviews and Cloud security assessments.
- Maintain a broad understanding of compliance across applications and networks for PCI, HIPAA, PII, and SOX.
- Collaborate with the internal Legal team and the Data Privacy/Protection officer to understand global data privacy/protection requirements and define security controls to meet the objectives.
Key Qualifications and Experience
We are looking for professionals with these required skills to achieve our goals:
- 5-7+ years of Information Security experience, with a background in cybersecurity and compliance.
- Strong technical communication skills and ability to explain technical security concepts to stakeholders in non-technical business language.
- Experience working in a matrix model (globally).
- Service level management experience.
- Knowledge and experience of Information Security Risk and Security governance.
Preferred Qualifications
If you have the following characteristics, it would be a plus:
- Bachelor's degree, preferably in computer science or information systems.
- Hands-on results from performing IT risk assessments, information security consulting or IT audits are most beneficial.
- Experience in the following regulations and frameworks: PCI, ISO 27001/2, SOC/SSAE 18, HIPAA, GLBA, NIST 800.
- Security certifications such as CISSP, CISM, CEH, CISA, etc. are a plus.