Archiviertes Projekt - Security Officer (m/f/d)
Firmenname für PREMIUM-Mitglieder sichtbar
- Mai 2024
- November 2024
- Süddeutschland
- auf Anfrage
- 23.05.2024
- 33497
Projektbeschreibung
For our customer we are searching for an IT Security Officer (m/f/d) - remote possible
Your tasks:
• Project activity – Assess/review IT Risk and Security controls for customer applications
• Perform IT application security risk assessments
• Review and understand security architecture, data flow, network diagrams, etc.
• Review relevant documentation pertaining to in-scope applications
• Engage with ITRS consulting team to obtain risk levels for gaps
• Work with IT PMs to prepare gap presentations for Primary Asset Owner(s)
• Work with Risk Assessment and Control Evaluation (RACE) process and RSA Archer GRC application as aligned to the MR Essential 3.0 methodology and defined in the and prescribed in the RACE Work Instruction
• Engage and conduct (project specific meetings) with application teams (IT Product Owners, CART Owners, CART contributors, IT Project Managers, Data Protection Experts, Information Security Officers, etc.) to complete activities associated with the Risk Assessment and Control Evaluation (RACE) process, including reviewing Control Assessments (CA) and Risk Treatment Plans (RTP) using the RSA Archer Governance Risk and Compliance (GRC) application
• Become proficient with the use of the GRC RSA Archer application (training, data entry, processing, reporting)
• Adapt RSA Archer Control Assessment and Risk Treatment (CART) deliverables to Munich IRM control framework based on National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) v2.0
• Participate in various project related meetings with the project team, RACE team, RACE Task Force, and IT Project Managers and IT Security Officers as required.
• Submit weekly timesheets in the Planview time reporting system for manager review/approval
Your qualifications:
• Technical degree (preferably in IT) or senior IT Security experience and knowledge of IT security and infrastructure concepts, foundations, frameworks and processes
• A solid understanding of security best practices and relevant standards such as ISO2700, NIST CSF/RMF, PCI DSS
• Risk and Security governance knowledge and experience
• Basic knowledge of applicable laws/ regulations pertaining to areas of responsibility
• Advanced knowledge of organization, technology controls, security, and risk issues
• Demonstrated ability to participate in complex, comprehensive, large projects, and initiatives
• One or more industry recognized Information Security Certifications (CISSP, CISM, CCSP, CRISC, CISA, CDPSE)
• Business focused/Customer orientation, strong negotiating, and problem-solving skills
• Initiative, creativity, innovation abilities
Your tasks:
• Project activity – Assess/review IT Risk and Security controls for customer applications
• Perform IT application security risk assessments
• Review and understand security architecture, data flow, network diagrams, etc.
• Review relevant documentation pertaining to in-scope applications
• Engage with ITRS consulting team to obtain risk levels for gaps
• Work with IT PMs to prepare gap presentations for Primary Asset Owner(s)
• Work with Risk Assessment and Control Evaluation (RACE) process and RSA Archer GRC application as aligned to the MR Essential 3.0 methodology and defined in the and prescribed in the RACE Work Instruction
• Engage and conduct (project specific meetings) with application teams (IT Product Owners, CART Owners, CART contributors, IT Project Managers, Data Protection Experts, Information Security Officers, etc.) to complete activities associated with the Risk Assessment and Control Evaluation (RACE) process, including reviewing Control Assessments (CA) and Risk Treatment Plans (RTP) using the RSA Archer Governance Risk and Compliance (GRC) application
• Become proficient with the use of the GRC RSA Archer application (training, data entry, processing, reporting)
• Adapt RSA Archer Control Assessment and Risk Treatment (CART) deliverables to Munich IRM control framework based on National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) v2.0
• Participate in various project related meetings with the project team, RACE team, RACE Task Force, and IT Project Managers and IT Security Officers as required.
• Submit weekly timesheets in the Planview time reporting system for manager review/approval
Your qualifications:
• Technical degree (preferably in IT) or senior IT Security experience and knowledge of IT security and infrastructure concepts, foundations, frameworks and processes
• A solid understanding of security best practices and relevant standards such as ISO2700, NIST CSF/RMF, PCI DSS
• Risk and Security governance knowledge and experience
• Basic knowledge of applicable laws/ regulations pertaining to areas of responsibility
• Advanced knowledge of organization, technology controls, security, and risk issues
• Demonstrated ability to participate in complex, comprehensive, large projects, and initiatives
• One or more industry recognized Information Security Certifications (CISSP, CISM, CCSP, CRISC, CISA, CDPSE)
• Business focused/Customer orientation, strong negotiating, and problem-solving skills
• Initiative, creativity, innovation abilities
Kontaktdaten
Als registriertes Mitglied von freelance.de können Sie sich direkt auf dieses Projekt bewerben.
Top-Auftraggeber
- Verbesserte Wettbewerbssituation | Mit KRONGAARD verbessern Sie Ihre Wettbewerbssituation und sind i
- Renommierte Kunden | Unsere Kunden sind DAX-Konzerne, Banken, Versicherungen und viele weitere bedeu
- Intensive Betreuung | Marketing und Kundengewinnung, Buchhaltung, Vertragsmanagement – das und noch
- Persönlicher Kontakt | In unseren Büros in Hamburg, Berlin, Düsseldorf, Frankfurt am Main und Münche
- Wirtschaftliche Stabilität | Auch wirtschaftlich geben wir Ihnen maximale Sicherheit: Seit Jahren be
Kategorien und Skills
Sie suchen Freelancer?
Schreiben Sie Ihr Projekt aus und erhalten Sie noch heute passende Angebote.
Jetzt Projekt erstellen