Report to the Information Security Officer of USIS IT and be strategically involved in key security decision making for the Business Unit
Assist with internal consulting, advisement and assistance for all aspects of Information Security
Serve as subject matter expert in multiple security disciplines and security consultant for projects and troubleshooting efforts
Work as the subject matter expert on USIS business unit IT platforms and infrastructure
Participant in secure application and system development lifecycle activities and process assessments
Implement threat modeling, formulate application security procedures, and resolution plans
Provide technical support services in remediation of application security remediation efforts.
Work with the USIS business unit IT organization to proactively identify and address security observations/findings
Serve as subject matter expert in multiple security disciplines and security consultant for IT modernization and innovation efforts.
Evaluate and advise on policy exceptions for the business unit
Perform business process related securityrisk assessments
Maintain and monitor internal observations/findings for both internal customers and third parties
Perform advanced countermeasure design, development, implementation, and assessment in conjunction with Security Engineering
Lead small to mid-size security related projects to increase maturity of the Information Security program
Assist with investigation and resolution of securityevents, and assist with disciplinary and legal matters associated with such events
Understand how to manage a securityevent and crisis
Skills and Requirements:
Bachelor's degree or an equivalent combination of education and experiencerequired
6-8years of security and networking experiences
Experiences with application security testing and related efforts
Understand Gramm-Leach-Bliley Act (GLBA), Sarbanes-Oxley Act (SOX), SSAE-16 attestations, ISO 27001 Standards, Payment Card Industry Data Security Standard (PCI DSS), NIST Standards, standard security practices, current and emerging privacy and security regulations.
Strong communication skills including strong verbal presentation skills. Ability to communicate security concepts to technical and non-technical audience and able to interact with all levels of the organization
Experience working in matrix environment with globally diverse team members
Ability to work under pressure
CISSP, CISM or related certification is a strong plus
Leadership in intellectual engagement, work ethic; quality of work product
Good judgment, integrity and follow through on commitments
Team player who actively collaborates and commits to success of others.
Pitches in where necessary to support team success
Exhibits self-motivation to perform to the highest standard of excellence
Results Focused. Focuses on the critical objectives that add the most value and consistently delivers results that meet or exceed expectations
Relentlessly seeks, shares and adopts ideas and best practices in and outside the company and embraces change introduced by others