Security Engineer Team Lead in Marietta, GA at HUNTER Technical Resources

Date Posted: 5/12/2021

Job Description

Minimum Qualifications

- Bachelor's Degree in Computer Science, CIS, Engineering, Business Administration, Cybersecurity, or related field

- 6+ years of experience in information security specific to a Governance, Risk and Compliance role, and at least 3 years’ experience in managing and/or performing third-party risk management (TPRM)

- Advanced understanding of fundamental security, vulnerability and cybersecurity concepts (PAM & IAM, Mobile Device & endpoint protection, logging and monitoring; cloud application & platform security [e.g. Azure, AWS, Google]; user access; perimeter protection principles, network communication rules; intrusion detection and analysis methods; etc.)

Preferred Qualifications

- 3 - 5 years of experience conducting PCI-DSS governance, risk and compliance assessments and technical reviews (specific to Security Governance, Risk & Compliance role)

- 3 - 5 years of experience developing Cybersecurity or information assurance policies, standards, awareness training, or equivalent issuances (specific to Security Governance, Risk & Compliance role)

- 3 - 5 years of experience conducting Vendor/Third-party risk assessments or technical reviews to analyze risk (specific to Security Governance, Risk & Compliance role)

Key Responsibilities

- Provides direction and oversight to IT project teams to design, develop, deploy and sustain solutions that meet PCI-DSS requirements, including but not limited to a set of technical and contractual risk mitigations and controls

- Works collaboratively across multiple business units to gather documentation for PCI Level-1 Assessments

- Provides PCI Remediation Consulting

- Develops and presents Executive presentations and deliverables related to the Third-party Vendor and PCI-DSS Risk Management programs

- Analyzes data to detect trends, make recommendations, and provide reporting; defines reporting requirements for standard reports

- Leads activities to assess adherence to the information security processes supported and drafts guidance documentation for the affected stakeholders in IT Operations and Business Operations

- Answers questions from attorneys, contract specialists and project managers about the information security processes supported; handles more complex questions/issues elevated from other analysts on the team

- Designs and facilitates process optimization initiatives

- Serves as an escalation point and mentor for junior staff for the most complex support problems

- Maintains process documentation repositories; ensures information is compiled in an organized manner

- Leads efforts to develop standard operating procedures; identifies and incorporates improvements on procedures based on best practices and industry trends

- Consolidates security-related findings, tracks KPIs, and presents results to information security and business leaders and/or vendor