Over 30 years. More than 40 countries. One Mission: Make Things Better

Technology Risk Lead

RiskRiskFull TimeRemoteTeam 1,001-5,000Since 1993H1B SponsorCompany Site LinkedIn

Location

North Carolina + 2 more

Posted

38 days ago

Salary

Not specified

Bachelor Degree6 yrs expEnglishAzureCloudCyber SecurityLinuxOracleSQL

Job Description

• Responsible for the development and delivery of First Quality’s Information Security Program which includes information security risk management across First Quality Enterprises • Ensure that all physical and digital information assets and technologies, as well as employee, client and First Quality data are adequately protected • Define and mature the second line of defense and provide management with updates on the overall security posture of the organization • Lead the following Information Security Programs: Enterprise Technology Risk Management, Data Governance, Security Awareness & Training, and Compliance and supporting daily functions • Conduct IS technical risk assessment of First Quality systems and platforms against industry standards and frameworks such as the Center for Internet Security (CIS) • Identify system misconfigurations, weaknesses, gaps, and associated risks across numerous platforms • Work with the security team and engage with cross-functional departments to advise on best security practices for new and existing business led projects • Track security metrics, analyze trends, and deliver practical solutions that align with both security and business objectives

Job Requirements

B.S. in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent)
Security certifications such as CompTIA Security +, CISSP, CISA, CCNA or equivalent or working towards certification is preferred
6+ years’ experience working directly in an Information Security or Information Technology department with experience in developing testing security frameworks for compliance
Hands-on experience assessing security configurations in Windows/Mac/Linux environments, Azure and other cloud environments, SQL and Oracle databases
Experience with Netskope, Azure Purview, OneTrust or similar GRC tools is a plus
Experience with Operational Technology (OT) environments and securing manufacturing devices a plus
Strong knowledge & understanding of endpoint, server, network design and topologies
Strong understanding of a "hacker’s" mentality
Excellent written and oral communications skills; ability to lead discussions, present complex ideas to audiences of all sizes, and interact with all levels of the organization
Ability to self-manage, work independently with little direction and/or supervision but also work collaboratively in a team environment
Working knowledge of the following frameworks and regulations: ISO 27001/2, NIST 800-53, NIST CSF, CIS Benchmarks, ISF Standard of Good Practice, HIPAA Privacy Rule and Security Rule, MITTRE ATT&CK framework
Ability to prioritize and multitask and a work approach that supports flexibility and adaptability is paramount
Detail oriented and ability to think outside of the box to propose solutions to risks
Ability to communicate security risks to non-technical business stakeholders

Benefits

Competitive base salary and bonus opportunities
Paid time off (three-week minimum)
Medical, dental and vision starting day one
401(k) with employer match
Paid parental leave
Child and family care assistance (dependent care FSA with employer match up to $2500)
Bundle of joy benefit (years’ worth of free diapers to all team members with a new baby)
Tuition assistance
Wellness program with savings of up to $4,000 per year on insurance premiums