McAfee is currently seeking a, Information Security specialist to join its growing Information Security team. The Information Security specialist will assess and monitor formal risk management and self-assessment activities for key business functions, systems and processes, including driving risk remediation activities, coordinating customer and third party audits, coordinating responses to RFPs on IT security, controls and compliance areas using GRC Tools as part of the Information Security GRC Team.
Some of key job responsibilities to include:
- Lead or contribute to security risk assessments which determine threats, consequences, and vulnerabilities to business unit key assets, products, and services.
- Participate in the planning and direction of security risk assessments to examine and verify security capabilities, behaviors, and controls for authentication, authorization, integrity, availability, assurance, audit, and disposal of Intel's information assets to determine exposure and compliance levels.
- Lead in development of enterprise wide risk management program development
- Support in in design, build, and implementation of work flows , assessments , integrations & reports/dashboards preferred.
- Perform focused risk assessments of existing or new services, technologies and business processes.
- Communicate risk assessment findings to Information Security, IT and key business partners.
- Identify and implement appropriate controls to effectively manage information risks as needed.
- Identify opportunities to improve risk posture, developing solutions for remediation or mitigation of risks and assessing the residual risk.
- Maintaining strong working relationships with individuals and groups involved in managing information risks across the organization.
- Facilitate the implementation of manual GRC processes in the GRC Tool.
- Manage policies roadmap and assist in managing policies exceptions
- Operationalize and manage vulnerability remediation program and tracking/ metrics
Education, Qualifications/ Skills & Competencies
- Degree in computer science, business or related field
- 10+ years of combined experience in security compliance, certification or risk management domain
- CISSP, CRISC or CISA certification preferred. Experience with compliance and/or control frameworks preferred.
- Experience with Vendor/Third Party Risk Assessment preferred.
- Knowledge of NIST Risk Management Framework, ISO, PCI, COBIT or standards and regulations.
- Demonstrated ability to apply analytical skills in dealing with issues that are not readily defined or that conflict with available information.
- Solid understanding of industry best practices and standards for risk assessments, security audits, and third party vendor assessments.
- Excellent verbal and written communication skills.
- Good understanding of business process controls.
- Attention to detail and ability to implement.
- Excellent problem-solving, planning, time management, and follow through skills.
- Independent/self-starter with a willingness to learn.
- Ability to document processes, roles, key decisions, and other work session outputs.
- Ability to prioritize and organize work assignments for multiple work groups.
To relentlessly protect all that matters through leading edge cyber security, from your workplace to your home and everywhere in between.
To enable a world where cyber security is so consistent, reliable and effective that it becomes a trusted foundation in our lives – like clean air and water. Our technology enables the world to fully realize the transformative power of the digital age, by protecting all that matters. By doing our job well, we drive limitless innovation, securely.
We live our values day in and day out, do you think you can live our values with us? If you can, don’t think, just connect with us. Together is power.
- We achieve Excellence with Speed and Agility
- We Play to Win or Don’t Play
- We Innovate without Fear
- We Practice InclusiveCandor and Transparency
- We Put the Customer at the Core
Join our Talent Community: http://careers.mcafee.com/
McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.