Required Skills & Experience:

• 5 or more years of experience with information technology security programs, audits, controls and/or third-party risk management
• Ability to identify and assess IT security controls against policies and standards and Federal/State Regulatory requirements and identify and communicate gaps
• Exceptional written and verbal communication skills
• Advanced computer skills including Microsoft Office suite and other business-related software programs
• Ability to effectively manage time and productivity with competing priorities in a rapidly changing, fast-paced, interactive, results-based team environment
• Proven analytical / problem solving skills and ability to work with cross-functional teams
• High School diploma, GED or High School Equivalency.
• Embraces diverse people, thinking and styles.
• Consistently makes safety and security, of self and others, the priority.

Desired Skills & Experience:

• Bachelor’s Degree or 5 plus years of relevant experience in Computer Science, Mathematics, Engineering, Information Systems, Management Information Systems or Information Security.
• Key industry certifications such as CISA, CISM, CISSP, CRISC, etc.
• Knowledge of industry standard frameworks such as NIST Cybersecurity Framework, ISO 27001, NIST 800-30, etc.
• Familiarity with third party information security attestations/certifications such as SOC I/II reports, ISO, PCI-DSS, SOX.
• Comprehensive knowledge of third-party risk concepts, methodologies, governance structures and experience in managing risk and performing vendor risk assessments
• Experience across Information Security domains such as governance & compliance, incident response, identity & access management, penetration testing, or e-discovery & forensics
• Experience across IT domains such as application development, infrastructure, technical support and operations, cloud technologies and/or continuity of business.