3TG Staffing Solutions is looking for Cyber Security Risk Analyst. Great opportunity for hardworking, dedicated, and reliable applicants looking for a company to grow with.
Cyber Security Risk Analyst
The successful candidate will generate and champion new ideas and initiatives striving for process and technology improvements through the risk management function. Other essential functions include:
• Organize and maintain the cyber security risk portfolio within Garmin’s risk management system
• Work directly with application and data owners to drive mitigation of known risk
• Define and implement risk ratings, models, and hierarchies to identify the impact, severity, and overall risk of vulnerabilities
• Review red teaming results with key stakeholders providing scoring to prioritize remediation efforts.
• Track, measure, validate, and report on risk identification, stakeholder notification, and remediation efforts.
• Assign a preliminary risk profile by identifying the information security risk factors based on data classification, design, and functional purpose and use.
• Determine if any compensating controls are necessary due to inability to comply with the primary control requirements. Facilitate and help determine compensating controls when needed.
• Complete and present to Security management and business sponsors a risk assessment evaluation articulating risk and impact analysis when security controls cannot be met by an initiative to ensure transparency and appropriate level of acceptance.
• Maintains Information Security policies, standards, procedures, technical security baselines as applicable
• Regularly contribute to management reports covering information security risk treatment, mitigation, and risk metrics.
• Evaluate third-party risks resulting from the Company’s engagement or use of partners, vendors, suppliers, and technology or data related products.
• Collaborate and build relationships with IT colleague’s core business partners for continued security education and awareness.
• Participate in the strategy and day-to-day operations of the risk management function within Garmin’s cyber security program.
• Advise and consult with team and stakeholders in the following control areas is required: authentication, authorization, access controls (network and user), secure transmission and storage, encryption/key management, segmentation and network zoning, data flows, third party access and connectivity and functional purpose
• Other Duties as Assigned by Management. Qualifications Qualified candidates possess a Bachelor’s Degree in Computer Science, Information Technology, Management Information Systems, Business or another relevant field AND a minimum of 5 years relevant experience OR a Master of Science Degree in one of the fields noted above AND a minimum of 3 years relevant experience. Other requirements include:
• Strong understanding of industry frameworks and best practices (ex. NIST, ISO, OWASP, CIS, etc.)
• Detailed understanding of network design, security protocols and cloud integration security, with excellent analytical and problem-solving skills.
• Understanding of project management skills including design review, threat modeling and risk profiling while working across a large, distributed organization. Must apply the understanding to a diverse IT community to include policy, regulations, and compliance requirements.
• Must be team-oriented with proven skills in influencing people without having direct management authority and motivating them to successfully mitigate risk within required timelines.
• Excellent communication skills including both verbal and written
• Consistently demonstrates quality and effectiveness in work documentation and organization
• The ideal candidate must be able to convey complex security issues and risks while maintaining a positive relationship with key stakeholders
• CISM, CISSP, PCIP, ISA, or equivalent certifications preferred.
Who Are We?
We are 100% women owned business comprised of an encouraging, supportive, and diverse team who work to provide solutions and qualified staff for our clients. Currently, we work remotely. We maintain a high level of communication and function as a cohesive, collaborative team. If we sound like a good fit for you we would love to hear from you!
What do we do?
We help experienced talent regain employment. Our recruiting, training and staffing process ensures effective strategy, efficient planning, and timely execution. We specialize in top quality direct hire, temp-to-hire, and strategy consulting services virtually and on-site. 3TG specializes in business operations positions from entry-level to upper-level management, in a variety of industries.