Senior Security Assessor

Permanent Position in Plano, Texas

Post Date: 09/13/2017

Rate: Not Specified

Education Level: Bachelors

Reference: Job # 132867


Our client has an immediate full-time opening for a Senior Security Assessor. Will support PCI Compliance, HITRUST, NIST, and Risk Assessment project initiatives by undertaking risk assessments, advising on implementation of security measures, recommending appropriate risk mitigations, and interpreting security policy and standards in the context of projects and business scenarios to help the business operate securely. Will define security requirements and ensure that all projects meet these requirements, or that exceptions and issues are noted and remediated as appropriate. Requires the ability to travel between 50 - 75%.

Essential Duties and Responsibilities:

  • Responsible for maintaining QSA certification, HITRUST certification, and other security certifications, and an understanding of PCI data security compliance with the Payment Card Industry Data Security Standard as published by the PCI Security Standards Council.
  • Provide post-sales technical expertise during the installation, implementation and maintenance of cyber security products, following detailed customer installation requirements.
  • Assess existing controls to determine level of compliance to the PCI DSS standard, HITRUST, and NIST, inclusive of: their maturity, state of compliance, and their level of protection.
  • Support PCI-DSS, HITRUST, and NIST gap analyses and assessments of business processes.
  • Support sites in testing, documentation and issue resolution associated with cyber security programs.
  • Perform comprehensive threat / risk assessments and business impact analysis of current system, data, application and technology environments to determine possible internal and external threats to information assets, and identify security measures required to counter such threats.
  • Participate in the development and implementation of the enterprise security architecture and supporting security standards to ensure compliance with corporate policies, and relevant legislative and regulatory requirements.
  • Perform technical security reviews or assessments to ensure targeted systems, networks, applications and/or data follow corporate policies and standards.

Qualifications:

  • Bachelor’s degree (preferably in Computer Science, Engineering, or a related field).
  • 5+ years of Information Security experience in Security Governance, Risk and Compliance practices and methodologies.
  • Security certification such as CISSP, CISA, CISM, SANS GIAC - GSNA, ISO27001 Certified Lead Implementer / Lead Auditor / Internal Auditor, IRCA ISMS Auditor or higher, IIA Certified Internal Auditor (CIA).
  • Strongly prefer PCI QSA or HITRUST certification.
  • Experience with performing cyber security assessments and familiarity with industry cyber security tools or experience auditing systems.
  • Experience with security hardening techniques and policy development, particularly with regard to secure software development methodologies and processes.
  • Previous experience in PCI-DSS, HITRUST, and NIST compliance programs, including pre-assessment or assessment and gap remediation programs.
  • Proven track record of successfully delivering business requirements to time and budget constraints.
  • A thorough understanding of the best practices for services execution.
  • Knowledge of vendor / supplier contract reviews.
  • Knowledge of Security Governance, Risk Management and Compliance.
  • Demonstrates advanced knowledge of the principles, best practices, architecture and design approaches to applicable capabilities, services and standard controls that fall under the scope of the PCI-DSS.
  • Exposure as a QSA (Qualified Security Assessor), HITRUST, NIST or an ISA (Internal Security Assessor) would be a definite asset.

About MATRIX

Whether you are actively pursuing new job opportunities, or simply seeking market insight or career advice, MATRIX has you covered. At over $200 million in revenue, we offer access to top-tier client companies, value-added services and benefits that rival or exceed those of even our largest competitors. To learn more about how MATRIX is making your job search experience better, click the banner below or visit http://www.matrixres.com/infographic/index.html.

Please Note: Your resume will never be submitted to a client company without your prior knowledge and consent to do so.
