Security Risk Engineer
Long Term Contract
Atlanta or Eagan, MN
*5-8 years of security risk experience required.
**Additional background: Department of Defense, FISMA, FEDRAMP, PCI, Risk Assessment, IT audit, governance, risk.
- Evaluate, quantify, and communicate risk across the compliance, internal controls, and cyber domains.
- Establish and communicate key risk and key performance indicators respective to our program.
- Engage with partners in Information Security, Information Technology, and lines of business to ensure we are in compliance with the company's Information Security policy, standards, and regulatory/statutory requirements.
- Analyze and research IT-relevant policies, standards, and procedures against dedicated frameworks (NIST, ITIL, ISO) to provide guidance for driving continually effective and efficient processes.
- Key team player in driving the lifecycle of regulatory engagements such as SOX, PCI, Department of Defense (DoD), GDPR, and more.
- Coordinate with internal and external audit teams, as needed, to fulfill regulatory/statutory requirements.
- Engage and consult with key partners within the company to develop relationships to facilitate partnership and alignment.
- Anticipate organizational impacts & understand risk associated with introducing new technologies or processes.
- Exceptional written and verbal communication skills with a demonstrated ability to develop and maintain relationships.
- Perform special projects as assigned, while effectively managing time with competing priorities.
- Requires self-starters who work well within a largely self-directed environment.
- Manage regulatory artifact requests, collect evidence, and complete overarching engagement-related administrative tasks