NOTE: THIS POSITION IS TO JOIN AS W2 ONLY.
Risk and Compliance Specialist
Location: Chicago, IL (Hybrid - 3 days Office)
6+ Months Contract
Major Duties include but not limited to:
Knowledge /Skills/Abilities/Experience & Desirable Criteria include:
Risk and Compliance Specialist
Location: Chicago, IL (Hybrid - 3 days Office)
6+ Months Contract
Major Duties include but not limited to:
- Lead Risk and control assessments for core cyber security domains, including vulnerability management, threat management, third-party security due diligence, identity and access management
- Provide technical expertise to assist the development and maintenance of cyber security standards in line with industry best practices, as well as technical expertise around security threats & vulnerabilities and software security testing
- Coordinate remediation of cyber security findings from various sources
- Assist in development and implementation of cyber security trainings for technical domains
- Participate in cyber incident responses to provide guidance related to cyber security risks and control assurance
- Influence behaviors to resolve conflicts, clarify goals and outcomes, and foster a strong technology risk management culture with information security organization
Knowledge /Skills/Abilities/Experience & Desirable Criteria include:
- 10+ years of technical or audit experience in core cyber security fields such as vulnerability / threat management, Pen-Testing, IAM, Data Protection, IH / IR, AppSec, Network Security, System Administrator, GRC
- Expert knowledge of performing risk management based on NIST 800-53.
- Experience in determining vulnerability risk impact on key objectives and critical processes; ability to link risk management programs and initiatives to inform critical business strategies and processes.
- Excellent analytical ability, consultative and communication skills
- Applicable industry standard certification(s) preferred
- Bachelor degree in Computer Science or a related discipline and technical experience in the security aspects of multiple platforms, operating systems, software, communications and network protocols or an equivalent combination of education and work experience.