Our direct client, a global media & entertainment, is seeking an Information Security professional to join the Global Information Security organization located in New York. This position will be a part of the team responsible for implementing and maintaining an enterprise-wide risk and compliance strategy to secure our client’s information assets, services, and the products that depend on them, building trust with customers and stakeholders, and protecting the privacy of customers and employees.
The “Ideal Candidate”…
- is a driven team-player with experience working in a dynamic environment and the ability to wear multiple hats in the information security realm.
- should have a proven history of policy design and security awareness delivery in one or more security domains.
- should have experience in risk management techniques including control assessments, gap analysis, external or internal audit, risk management concepts and risk assessment methodologies.
- should be able to leverage multiple forms of communication to articulate complex concepts with proficiency to both technical contributors and executive management.
- Provide management reports, dashboards, and detailed presentations for senior management and business leaders and clearly demonstrate an understanding of risks and findings.
- Manage compiling weekly, monthly and quarterly metrics and reporting with regard to the current state of SME’s information security program and specific projects/activities
- Monitor and participate in mid-range planning exercises and risk and metrics committees
- Evaluate the design effectiveness of controls based upon industry best practice models
- Manage and deliver security enhancement projects
- Facilitate risk assessments, maturity assessments, and evaluation of controls and measurements against policies, standards and processes
- Leverage existing eGRC tools to manage treatment plans and policy exceptions, and assist in the overall maturity of the program
- Bachelor’s degree, preferably in Computer Science or a related field, such as business administration or management information systems, or equivalent experience
- CISSP, CISM, CAPM, PMP, Lean Six Sigma, or ITIL certification(s) preferred
- Track record of independently performing information security assessments or IT / ISO audits
- Knowledge of project and program management preferred
- Experience with GRC tools, such as RSA-Archer preferred
All resume submissions will be reviewed and qualified candidates will be contact promptly.
DTG Consulting Solutions, Inc. is an Equal Opportunity Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, age, sex, national origin, disability status, protected veteran status, or any other characteristic protected by law.