- Merck & Co. (Rahway, NJ)
- …innovation, and continuous improvement. Vendor & Partner Management: Manage relationships with payment processors, core providers, card networks, fintech partners, ... quality, and innovation of the credit union's payments ecosystem, including card services, ACH, wires, digital payments, real-time payments (RTP), and emerging… more
- Travelers Insurance Company (St. Paul, MN)
- …- $193,400.00 **Target Openings** 1 **What Is the Opportunity?** At Travelers, our Risk & Security Officers assess internal and external cyber and tech ... risk-based remediations, and monitor and report completion. Risk & Security Officers provide assurance of...and identify gaps. + Deep technical knowledge of key security frameworks and assessments (SIG, SANS, NIST, PCI… more
- UMB Bank (Kansas City, MO)
- …Points If:_** + You have industry recognized certification relevant to information security or risk assessment (i.e., GIAC Incident Handler, CISSP, CRISC, SEC+, ... are present, usable, and understood within the organization. As a **Sr. Information Security Risk Analyst,** you will be responsible for supporting UMB Financial… more
- CVS Health (Richardson, TX)
- …around metrics, data, and reporting solutions. The analyst may also conduct security risk assessments for new technologies before deployment and technologies ... limited to NIST 800-53, ISO 27001/2, HIPAA/HITECH, HITRUST and PCI-DSS **Preferred Qualifications** + Industry leading reporting...data visualization tools + Ability to comprehend implications of security risk (inherent risk, residual… more
- EchoStar (Germantown, MD)
- …Duties and Responsibilities** **EchoStar** has an exciting opportunity for an **Information Security Risk and Governance Partner** in our **Hughes Network ... protect the company's digital assets and be instrumental in embedding the risk management framework and supporting our governance practices. You'll assess and… more
- Amazon (Seattle, WA)
- Description Amazon's Security Risk and Compliance (SRC) team is currently hiring a Security Compliance Specialist to focus on preparing for and supporting ... third-party attestation audits. This includes preparing SOC2 reports and regulatory/industry certifications along with developing standard security response… more
- NetApp (NC)
- …violations. **Job Requirements** + 5+ years of experience in building and maintaining security risk & compliance programs. + Experience in implementing technical ... a GRC TPM in the Cloud business, you will join a growing Security & Compliance team within NetApp's fastest-growing business - https://cloud.netapp.com/. The role… more
- Choice Hotels (Scottsdale, AZ)
- …largest lodging franchisors, has an exciting new opportunity as our Director, Information Security Governance Risk and Compliance (GRC) in the Information ... invite you to apply today for our Director, Information Security Governance Risk and Compliance (GRC) role...reporting. + Oversee regulatory compliance efforts, including SOX and PCI, and ensure alignment with industry standards… more
- Comerica (Farmington Hills, MI)
- …reporting. Ensure awareness of current technology, information risk/security risk management top line and emerging risks, industry best practices, ... (SLOD) risk management functions relative to Technology Risk, Information Risk/Security risk...assessments in compliance with guidelines/requirements and/or certifications (i.e., PCI DSS, FFIEC, State Certifications, etc.). Act as a… more
- TECO Energy (Ybor City, FL)
- …(CIP), Sarbanes-Oxley (SOX), contractual requirements (e.g., Payment Card Industry (PCI) Data Security Standards (DSS), Defense Federal Acquisition ... contractual requirements (e.g., Payment Card Industry (PCI) Data Security Standards...by sampling compliance deliverables for acceptable content and assessing risk. Utilize security tools to further sample… more
- Capital One (Mclean, VA)
- …certification + 2+ years of experience with risk assessments to include PCI DSS, CoBIT Framework, physical security controls, or IT operations management + ... and needs to better serve the line of business + Proactively identify information security risk and partner with key stakeholders to reduce or eliminate risk… more
- MTA (New York, NY)
- …Conduct cybersecurity risk assessments of third-party vendors and suppliers using industry-standard frameworks, such as NIST, ISO, and CSA + Develop and maintain ... cybersecurity requirements and provisions + Coordinate, plan and execute risk-based security assessments of third parties to...MITRE, COBIT, COSO, HITRUST, SOC reports, CSF, ISO, GDPR, PCI) + Extensive hands-on experience with GRC tools. +… more
- Deloitte (Pittsburgh, PA)
- …with the client + Function as an expert in CNAPP, CWPP and CSPM technologies and security risk frameworks relevant to cloud as well as the Microsoft Cloud ... following: Compute, Network, Storage, End-point, Application + 2+ years working with Cloud security industry standards such as Cloud Security Alliance (CSA),… more
- Sleep Number (Minneapolis, MN)
- …as well as provides subject matter expertise and strategic guidance to mitigate cybersecurity risk and foster a culture of security across the organization. The ... policy management, risk assessments, business continuity/disaster recovery, third-party risk, audit support, security awareness and compliance monitoring.… more
- American Express (New York, NY)
- …activities in support of American Express' compliance with the Payment Card Industry Data Security Standard (PCI DSS) for select areas of the ... with compliance and risk management in Information Security with a focus on PCI DSS...assessments as a QSA. Experience within the Financial Services industry is a plus. Additionally, this role requires regular… more
- Perdue Farms, Inc. (Salisbury, MD)
- …laws, regulations, industry standards and ethical requirements related to IT risk, information security and privacy. **Minimum Education and Experience** + ... the organization's security posture. + Interpreting information security policies, standards (i.e., NIST, OWASP, PCI...System Security Professional (CISSP), Certified Information System Security Manager (CISM), Certified in Risk and… more
- Guardian Life (New York, NY)
- …teams on secure architecture, risk mitigation, and compliance. + Act as a security leader and liaison for designated business units or functions for security ... processes meet defined objectives **Risk Management & Governance** + Facilitate risk assessments, threat modeling, and security posture reviews. + Identify… more
- Lenovo (Morrisville, NC)
- …governance forums to drive policy decisions, risk escalations, and investment prioritization. Security Risk Management & ERM Ownership + Serve as the primary ... ERM authority under the CSO/CAIO, responsible for maintaining the security enterprise's risk register and aligning with corporate ERM processes. + Lead quarterly… more
- Washington Metropolitan Area Transit Authority (Washington, DC)
- …are tracked and managed effectively. + Performs senior-level execution of a risk-based, repeatable/consistent system security strategy based on the NIST ... system-level strategy with the organization and mission/business process monitoring strategy. + Advises security managers on risk levels and security posture… more
- SpaceX (Redmond, WA)
- …(can be concurrent) with control testing, security standards/policy implementation, security audits, or security risk management. PREFERRED SKILLS ... program. As a valued Information Assurance team member, you'll lead third-party/supplier security control and risk assessments, while also supporting our… more