Senior InfoSec Compliance Specialist in Nashville, TN

$80K - $100K(Ladders Estimates)

Duff & Phellps, LLC   •  

Nashville, TN 37201

Industry: Finance & Insurance

  •  

Less than 5 years

Posted 53 days ago

Our Technology practice is looking for a Senior Info sec Compliance Specialist

At Duff & Phelps, your work will help protect, restore and maximize value for our clients. Join us and together we'll maximize the value of your career.



RESPONSABILITIES:

  • Conduct security due diligence assessments at the request of the business to verify a vendor's information security capabilities by providing security risk assessment questionnaires and creating final assessment reports
  • Negotiate with vendors to obtain remediation plans for issues identified
  • Complete client security questionnaires, answer follow-up questions and participate in client audits at the request of the business
  • Partner with business and other stake holders to ensure risks are clearly articulated in a manner that is understood by business and technology audiences
  • Work with the business to track the remediation to close out any vulnerabilities identified by clients
  • Review contracts and master service agreements as requested to ensure appropriate security language is present
  • Provide support in the development, implementation and maintenance of the Information Security program
  • Assist in the administration of an Information Security Awareness Program (new hire and annual training courses, phishing exercises, employee communications)
  • Perform general administrative duties as necessary to support Information Security operations
  • Partner with Information Security team resources as needed to assist the business in the development, maintenance, testing of their Business Impact Analysis (BIA)/Business Continuity Plans (BCP)

REQUIREMENTS:

  • Minimum 3-5 years of experience in Information Security related positions
  • Bachelor's degree in a related field from an accredited college or university
  • CISSP certification preferred but not required
  • Good English written and verbal communication skills
  • Thorough understanding of, and experience with, Information Security program development, maintenance and governance
  • Strong research skills
  • Ability to plan and execute with minimal oversight
  • Ability to multi-task and prioritize tasks across a range of projects, adjusting to shifting priorities
  • Excellent time management and organization skills
  • Strong personal integrity
  • Demonstrate commitment to obtaining outstanding results


Valid Through: 2019-10-17