Manager, IT Security Risk Assessment

KPMGLLP   •  

Orlando, FL

Industry: Accounting, Finance & Insurance

  •  

5 - 7 years

Posted 196 days ago

This job is no longer available.

Responsibilities:

  • Perform information security risk assessments of technology enabled projects; activities include vendor reviews, security requirement definition, and facilitation of security testing and management of residual risk
  • Advise and guide project teams regarding compensating control alternatives where security requirements cannot be met
  • Act as the primary point of contact between IT project teams and IT Security groups to help ensure that appropriate security resources are scheduled and that security-related project objectives and timelines are met
  • Perform Vendor Security assessments activities include evaluation of vendor controls and practices, process enhancements, performing on site assessments, reviewing security test reports, and analyzing and developing security requirements
  • Communicate and track remediation plans with vendors and IT teams and where applicable recommend mitigating/compensating controls

Qualifications:

  • Minimum of five years of experience performing IT security risk assessments and experience in Information Security
  • Bachelor's degree from an accredited college or university; must have CISSP and CCSP certifications
  • Demonstrated experience understanding of security principles, IT security controls, and related technologies and products
  • Prior experience in conducting Information Security risk assessments
  • Strong verbal/written communication, with ability to effectively interact with individuals at all levels of responsibility and authority; must be able to prioritize, delegate, and foster the development of high performance teams to lead/support an environment driven by customer service and team work
  • Strong trouble-shooting and organizational skills and ability to work on multiple projects simultaneously; ability to participate in resource planning processes based on defined organizational plans

Requisition #: 31336