Job Summary:

• Evaluate and manage risks to the company and third-parties
• Keep up to date with global security developments
• Write and maintain security documentation
• Manage security related projects and security incidents
• Maintain the security issue tracking system. 
• Work closely with the project team to ensure the quality of the work delivered is maintained
• Schedule and lead project closure reviews, ensuring lessons learned are communicated and incorporated into future projects
• Demonstrate flexibility in prioritizing and completing tasks
• Coordinate/manage cyber projects across multiple verticals and contracts
• Build business in cyber security products
• Conduct Cyber presentations and workshops

Skills on Resume:

• Risk Management (Hard Skills)
• Security Awareness (Hard Skills)
• Documentation Management (Hard Skills)
• Incident Management (Hard Skills)
• Quality Assurance (Hard Skills)
• Project Closure (Soft Skills)
• Task Prioritization (Soft Skills)
• Cybersecurity Presentations (Hard Skills)

Job Summary:

• Assist in the up-keeping of the SOPs by reviewing regularly to ensure that the requirements and standards specified within are kept up-to-date to meet both the Authority’s requirements as well as industry security standards.
• Assist in the review of Projects’ systems and processes to ensure that the technology, methods and practices employed remain relevant, accurate, and effective.
• Work with the Cybersecurity Head to ensure the proper conduct of the annual declaration exercise.
• Manage project execution life cycle, including project charter, scope, planning, requirements, design development, implementation, change control, risk management, and reporting.
• Maintain timely and proactive communication with management and other stakeholders. 
• Prepare and present status reports, deliverables, and presentations 
• Develop an understanding of key company business processes and success drivers. 
• Maintain a working knowledge of cybersecurity principles and concepts.

Skills on Resume:

• SOP Review (Hard Skills)
• Project Assessment (Hard Skills)
• Compliance Oversight (Hard Skills)
• Lifecycle Management (Hard Skills)
• Stakeholder Engagement (Soft Skills)
• Report Preparation (Hard Skills)
• Business Insight (Soft Skills)
• Cybersecurity Fundamentals (Hard Skills)

Job Summary:

• Maintain awareness of threat actor tools, techniques and procedures (TTP’s)
• Regularly assess the risk of cyber-attacks by leveraging industry frameworks (e.g. Mitre ATT&CK) and ‘Adversary Simulation/ Red Team’ assessments
• Maintain the Risk Register and Risk Treatment Plan
• Collaborate with Subject Matter Experts to research, develop and implement risk-mitigation strategies (people, process and technology) to counter current and emerging threats
• Perform architecture reviews, risk and vulnerability assessments on systems, applications, third party and cloud hosted services
• Deliver and/ or coordinate regular phishing simulations and cybersecurity awareness campaigns for EDFT staff
• Maintain an effective incident response capability comprising a Managed Detection and Response (MDR) service, incident response plan and procedures
• Coordinate regular incident response exercises
• Respond and manage the remediation of suspicious email reported by employees
• Collaborate on and manage the delivery of EDF Group policies and directives
• Maintain and enforce the company’s security policies, directives and standards
• Implement mechanisms to measure compliance (and address non-compliance) with security controls

Skills on Resume:

• Threat Awareness (Hard Skills)
• Risk Assessment (Hard Skills)
• Risk Management (Hard Skills)
• Risk Mitigation (Hard Skills)
• Vulnerability Assessment (Hard Skills)
• Incident Response (Hard Skills)
• Security Policy (Hard Skills)
• Compliance Monitoring (Hard Skills)

Job Summary:

• Coordinate and/ or perform periodic user access reviews
• Define and report cybersecurity key performance indicators on a monthly basis
• Support internal and external audits and the development of remediation plans
• Provide security governance as part of change control process
• Maintain a documented service catalog with defined roles and responsibilities
• Proactively manage team resources to balance new demands whilst also delivering the agreed security strategy, services and compliance mandates
• Monitor/review/evaluate staff performance, develop staff (skills/competencies as well as mentoring/coaching), delegate and empower team members to achieve their objectives
• Manage the performance of security operations activities within agreed targets
• Manage a continual improvement programme that reduces cyber risk, increases effectiveness and efficiency.
• Leverage tools such as Kanban to manage tasks
• Sponsor, build the business case and drive delivery of security change
• Manage the relationship between the security function and various stakeholders including but not limited to IT, HR, Compliance, Regulatory, Internal Controls, EDF Group and third party service providers
• Evaluate, implement or oversee the implementation of security tools and services

Skills on Resume:

• Access Reviews (Hard Skills)
• KPI Reporting (Hard Skills)
• Audit Support (Hard Skills)
• Security Governance (Hard Skills)
• Resource Management (Soft Skills)
• Team Development (Soft Skills)
• Performance Management (Hard Skills)
• Change Management (Hard Skills)

Job Summary:

• Support the ongoing development of cyber-security strategy.
• Own and lead the execution of strategy, working with extended IT Team, 3rd party consultants, and other key stakeholders.
• Assess current state vs target state
• Manage the roadmap to achieve target state over a multi year, continuous improvement program
• Create, Change and Manage Controls
• Measure and track Control effectiveness over time
• Build, measure, manage and report controls for existing and new 3rd party service suppliers
• Partner with service suppliers for cybersecurity services
• Manage and Respond to Cybersecurity incidents
• Educate the business through Training, Policies and Communications
• Vulnerability Monitoring and Remediation

Skills on Resume:

• Cybersecurity Strategy (Hard Skills)
• Roadmap Management (Hard Skills)
• Control Management (Hard Skills)
• Effectiveness Measurement (Hard Skills)
• Supplier Partnership (Soft Skills)
• Incident Response (Hard Skills)
• Business Education (Soft Skills)
• Vulnerability Management (Hard Skills)

Job Summary:

• Supervise the technology evolution and the changes in the company’s needs to promptly adapt cybersecurity strategy and tactics.
• Define and improve security processes and procedures, updating the related documentation in all domains, such as security governance, security compliance, risk management, security operations, supply chain security, security training & awareness, intellectual property protection, etc.
• Perform security assessment and risk management activities, weighing business opportunities against security risks that can potentially compromise organization’s long-term financial rewards.
• Oversee integration of new IT systems development with the data and information security policies, introducing a “security by design” approach.
• Support SOC to improve detections and capabilities of SIEM.
• Ability to analyze Security Reports provided from SOC and help the IT Team to implement the security remediation
• Develop cyber resiliency to rapidly recover from any unwanted event able to damage business activities and interests.
• Plan and implement security training and security awareness programs respectively for cybersecurity/IT colleagues and general users.
• Manage existing relationship with Outsourcers and Partners to ensure successful implementation of Security Standards.
• Ability to work between functional and technical teams

Skills on Resume:

• Cybersecurity Supervision (Hard Skills)
• Process Improvement (Hard Skills)
• Risk Assessment (Hard Skills)
• Security Integration (Hard Skills)
• SOC Support (Hard Skills)
• Security Analysis (Hard Skills)
• Cyber Resiliency (Hard Skills)
• Stakeholder Management (Soft Skills)

Job Summary:

• Oversees corporate Information Security group.
• Identifies and implements appropriate controls to effectively manage Information Security.
• Maintains strong working relationships with individuals and groups involved in managing information risks across the organization.
• Monitor and validate adherence to information security controls, and promote security awareness.
• Maintain knowledge of regulatory standards and best practices.
• Keeps up to date with current Information Security trends, attacks and news. 
• Promotes Information Security sharing and involvement with Information Security peers.
• Evaluate Nelnet practices, and make recommendations to improve policies, standards, procedures and guidelines.
• Develop and lead associate growth including coaching, objective setting, training, performance management and career opportunities.
• Department planning, purchasing and budget responsibilities.

Skills on Resume:

• Security Oversight (Hard Skills)
• Control Management (Hard Skills)
• Relationship Building (Soft Skills)
• Security Monitoring (Hard Skills)
• Regulatory Compliance (Hard Skills)
• Trend Monitoring (Hard Skills)
• Policy Improvement (Hard Skills)
• Team Coaching (Soft Skills)

Job Summary:

• Manage and guide the security team and remediate security gaps using industry best practices.
• Work closely with Product Management to understand security implications of features and lead threat analysis.
• Communicate security posture and best practices as part of running security training programs for different engineering teams.
• Promote active prevention of security threats.
• Work with Engineering and DevOps teams to integrate security into the CI/CD pipeline and SDLC.
• Oversee the bug bounty programs, CVE filing of security issues, and communications pertaining to security reports with customers & contracted security service providers.
• Analyze security issues found by different teams and improve security processes on an ongoing basis.
• Sign off on product releases, acting as the security release gate.

Skills on Resume:

• Team Management (Soft Skills)
• Threat Analysis (Hard Skills)
• Security Training (Soft Skills)
• Threat Prevention (Hard Skills)
• Security Integration (Hard Skills)
• Bug Bounty Oversight (Hard Skills)
• Process Improvement (Hard Skills)
• Release Approval (Hard Skills)

Job Summary:

• Manage core risk management responsibilities, including creating and maintaining the firm's cybersecurity policies and standards and building awareness of policies and standards with technology delivery personnel across the firm.
• Work collaboratively to build technical standards and define these standards across each tier of the control framework
• Ensuring standards are aligned with the company policies and control framework.
• Assist in the development and maintenance of a policy compliance program that reflects the importance of conforming to cyber best practice 
• Preserving the tenants of entrepreneurialism and self-governance. 
• Support essential efforts to ensure control maturity scores are accurately captured and serve as an advisor to portfolio/system leads on risk management-related topics.
• Conduct periodic risk assessments and provide insights for various governance bodies on risks and adherence to company policies and standards.
• Manage governance, risk & compliance platform, and tooling, ensuring consistency with risk frameworks.
• Interfacing with customers, negotiation and review of customer requirements with a focus on cybersecurity impact
• Creating the Cybersecurity Plan and the Cybersecurity Assessment Document

Skills on Resume:

• Risk Management (Hard Skills)
• Policy Development (Hard Skills)
• Standards Alignment (Hard Skills)
• Compliance Program (Hard Skills)
• Control Maturity (Hard Skills)
• Risk Assessment (Hard Skills)
• Governance Management (Hard Skills)
• Cybersecurity Planning (Hard Skills)

Job Summary:

• Responsible for the overall end-to-end management of the company's cybersecurity operations for corporate and cloud systems across global footprint
• Develop and lead the Security Operations team in the execution of the company’s cybersecurity strategy for the delivery of secure, scalable infrastructure systems and services.
• Works with management and other technical teams in support of various internal and external audits 
• Develops and implements strategic, technical, and operational security/infrastructure controls that are properly aligned with business goals and objectives
• Manages the Security Operations team responsible for maintaining security configurations for critical infrastructure systems and for using applicable encryption methods
• Providing information to management regarding the negative impact on the business caused by theft, destruction, alteration, or denial of access to information.
• Provide day-to-day management to Cybersecurity personnel in an IT Department in multiple office and data center locations.
• Manages, coordinates, and prioritizes the schedules, projects, and activities of direct reports.
• Works with management to coordinate responses to information security control testing and vulnerability scans, audits, and assessments
• Implements practices to optimize this process across the organization for the proactive reduction of organizational risk.

Skills on Resume:

• Cybersecurity Management (Hard Skills)
• Team Leadership (Soft Skills)
• Audit Support (Hard Skills)
• Security Controls (Hard Skills)
• Configuration Management (Hard Skills)
• Risk Communication (Soft Skills)
• Project Coordination (Soft Skills)
• Risk Optimization (Hard Skills)

Job Summary:

• Manages security vendors including Approved Scanning Vendors, Managed Security Service Providers, and external pen test vendors.
• Oversees Company Information Security operations.
• Executes and improves the core functions of the Cybersecurity Operations Center, including threat detection and prevention, incident response, systems and network security monitoring, forensics, vulnerability management, and data loss prevention at enterprise scale
• Review computer security incident reports and anomalous activity of network and ensures ongoing proactive measures to mitigate risks as well as providing tier 1-2 escalation path for resolving security incidents
• Responsible for creating and maintaining dashboards that monitor infrastructure security and risks KPIs.
• Researches, develops, and keeps abreast of tools, techniques, and process improvements in support of security detection and analysis.
• Serves as an internal information security consultant on information security projects/initiatives, automation of security testing.
• Participates in major new system implementation projects to ensure that appropriate security controls are built into systems prior to production cutover.
• Works closely with the IT Architecture team to design and implement automated security controls in DevSecOps methodology along with the associated tools and processes.

Skills on Resume:

• Vendor Management (Hard Skills)
• Security Operations (Hard Skills)
• Threat Detection (Hard Skills)
• Incident Response (Hard Skills)
• Dashboard Creation (Hard Skills)
• Security Research (Hard Skills)
• Security Consulting (Soft Skills)
• DevSecOps Implementation (Hard Skills)

Job Summary:

• Ensures the monitoring of intrusion detection and security information management systems to discover and mitigate malicious activity on networks.
• Works with Investigation team(s) on serious security violations.
• Manages team to conduct root cause analysis for operational security issues.
• Drives process improvement and control implementation projects in coordination with the other Enterprise Information Service Teams.
• Acts as a catalyst for change to improve security processes that benefit the organization.
• Responsible for reporting risks that are identified to the appropriate team and/or management
• Responsible for managing, monitoring, and reporting risks within the scope of work area, including, but not limited to Information Security risks.
• Uses tools and techniques to collect, analyze and aggregate data loss prevention, security information event management, privileged account management, and data encryption
• Ensures ongoing system and security health checks on identified high risk network segments, systems, and applications as well as follow up remediation.

Skills on Resume:

• Intrusion Monitoring (Hard Skills)
• Incident Investigation (Hard Skills)
• Root Cause Analysis (Hard Skills)
• Process Improvement (Hard Skills)
• Change Management (Soft Skills)
• Risk Reporting (Hard Skills)
• Data Analysis (Hard Skills)
• Security Health Checks (Hard Skills)

Job Summary:

• Monitoring of intrusion detection systems.
• Create of detailed intrusion and event reports.
• Monitor and analyze security logs, network traffic (PCAP) and Net Flow analysis.
• Respond to security breaches and other cyber security incidents.
• Perform network traffic analysis utilizing raw packet data, net flow, PCAP, IDS/IPS and firewall log and sensor output.
• Provide information regarding intrusion events, security incidents, and other threat indications and warning information to Upper Management.
• Document all activities during an incident and providing leadership with status updates during the life cycle of the incident.
• Collaborate with technical and threat intelligence analysts to provide indications and warnings, and contribute to predictive analysis of malicious activity
• Manage security tools, provide system administrative support and maintain and upgrade tool sets
• Perform information security incident response and incident handling based on risk categorization
• Participate in a Cyber Incident Response Team

Skills on Resume:

• Intrusion Monitoring (Hard Skills)
• Incident Reporting (Hard Skills)
• Security Log Analysis (Hard Skills)
• Breach Response (Hard Skills)
• Traffic Analysis (Hard Skills)
• Incident Documentation (Hard Skills)
• Threat Collaboration (Soft Skills)
• Security Tool Management (Hard Skills)

Job Summary:

• Work with IT and business functions to ensure new capabilities adhere to all relevant global standard and China law and regulations.
• As derived from global cybersecurity policies and standards, lead the design, development, and implementation of new and updated local cybersecurity policies and capabilities
• Ensure the development, maintenance, and approval of security capability roadmaps
• Development of reporting and metrics, that inform global cybersecurity team and local business leadership of cyber security risk and operational performance.
• Maintain expert level cyber security knowledge and expertise and serve as the go-to cyber security resource for local IT and business leadership.
• Work closely with global cybersecurity team and report with a dotted line to the global CISO
• Forecast and maintain operating and capital budgets.
• Manage program in compliance with NIST 800-171 and future CMMC requirements
• Perform risk assessment, develop and review system security plans (SSP), Plan of Action and milestones (POA&M) Security Control Assessment, Configuration Management Plan (CMP), Contingency plans (CP), and other tasks and specific security documentation in accordance with NIST SP 800-37
• Implement security requirements, integrate security programs, and define the scope and level of detail for security plans and policies.
• Assist in computer incident investigation, troubleshooting, and problem solving.
• Analysis of network and system activity for anomalous or malicious actions.

Skills on Resume:

• Regulatory Compliance (Hard Skills)
• Policy Development (Hard Skills)
• Capability Roadmapping (Hard Skills)
• Reporting Metrics (Hard Skills)
• Cybersecurity Expertise (Hard Skills)
• Budget Management (Hard Skills)
• Risk Assessment (Hard Skills)
• Incident Investigation (Hard Skills)

Job Summary:

• Review, enable, and negotiate cyber technologies through the procurement process, fulfilling procurement system/process requirements, and acquiring needed services and tools in a timely and cost-effective manner.
• Develop relationships with vendors and suppliers as well as assess acquisition terms and recommend options for competitive costs and/or cost savings.
• Provide mentorship across teams regarding acquisition compliance to build skills within CISO department.
• Communicate technical information in a manner that is most successful for a given audience.
• Provide support to cybersecurity audits performed by internal and external organizations.
• Lead assigned tasks to successful outcomes. 
• Develop plans that include deliverables, phases, milestones, and resource assignment. 
• Monitor and frequently report on status, health, and key issues while ensuring information is easily understandable, actionable, supports effective decision making and builds trust with sponsors and stakeholders.

Skills on Resume:

• Technology Procurement (Hard Skills)
• Vendor Management (Soft Skills)
• Acquisition Compliance (Hard Skills)
• Technical Communication (Soft Skills)
• Audit Support (Hard Skills)
• Task Leadership (Soft Skills)
• Project Planning (Hard Skills)
• Status Reporting (Hard Skills)

Job Summary:

• Lead the Security Hardening, Compliance and Monitoring topics
• Ensure the Security by Design of each core and satellite tech tools and tech solutions selected
• Monitor and approve the proper implementation of each
• Drive the security transition to the Operation Teams and CISO
• Frame and lead the security testing strategy, as part of the DevSecOps
• Monitor security defects and advise on security improvements / remediations
• Contribute contractual framework for the security scope of each provider
• Supervise infrastructure & technology security audits on the program Scope.
• Organize with all infrastructure suppliers, the implementation of the supplier security plan
• Identify infrastructure security risks, communication and development of best practice solutions, and implement mitigating controls consistent with company strategy.
• Act as the IT liaison to lead communications with internal security and infrastructure teams and suppliers.
• Report the security contract deviances and necessary alignment
• Proactively report security deviances forecasted or noticed
• Report providers KPIs through service reporting

Skills on Resume:

• Security Hardening (Hard Skills)
• Compliance Monitoring (Hard Skills)
• Security Design (Hard Skills)
• Testing Strategy (Hard Skills)
• Risk Management (Hard Skills)
• Supplier Supervision (Soft Skills)
• IT Liaison (Soft Skills)
• KPI Reporting (Hard Skills)

Job Summary:

• Assist clients in developing cyber risk strategies and multi-year implementation and remediation programs based on business priorities and risks
• Advise clients in developing and tailoring approaches, methods and tools to support cyber risk programs and initiatives
• Lead, manage and collaborate in the development of the company’s Center of Excellence for cybersecurity
• Operate across both technical and management leadership capacities
• Remain current on industry trends in cyber risk with industry standards and regulatory requirements (e.g., ISO27001/2, NIST cyber security framework, NERC CIP, NERC PRC)
• Work collaboratively with senior cyber security stakeholders
• Present and obtain buy-in for overarching cyber risk strategies from Executive Leadership
• Build solid, trust-based relationships with client stakeholders
• Work collaboratively with the client to identify and solve key constraints, risks and issues
• Develop quality and meaningful deliverables that suit specific client needs
• Communicate with clients in an organized and knowledgeable manner

Skills on Resume:

• Cyber Risk Strategy (Hard Skills)
• Client Advisory (Soft Skills)
• Center of Excellence (Hard Skills)
• Leadership Collaboration (Soft Skills)
• Industry Trends (Hard Skills)
• Stakeholder Engagement (Soft Skills)
• Relationship Building (Soft Skills)
• Deliverable Development (Hard Skills)

Job Summary:

• Advise internal customers regarding cloud-specific security measures for their applications in the agreed cloud security provider
• Manage SIEM, operational intelligence and threat management solutions for 24/7 business
• Conduct Vulnerability Assessment and remediate findings
• Work on complex cyber security incidents with a focus on remediation and closing the incident
• Regular reporting on various Security Metrics (KPI's and KRI's)
• Ensure the policy is implemented appropriately in all aspects of IT systems/infrastructure as well as non-automated methods and procedures
• Consult with auditors and regulatory authorities 
• Provide leadership to (and management of) the ICT Cyber Security Team, acting as a central point of reference and base of knowledge, transferring skills
• Take the lead in the day-to-day management of Information & Communications Technology (ICT) security issues including leading on investigation, diagnosis and remedy of incidents generated by users or automated systems
• Provide practical, professional and technical advice to the I.T. Managers and Cyber Security Forum (CSF) members regarding ICT security and risk analysis/ management
• Undertake projects as agreed with line managers to achieve and improve compliance with cyber security standards
• Work within and provide advice on suitable and relevant cyber security policies and procedures.

Skills on Resume:

• Cloud Security (Hard Skills)
• SIEM Management (Hard Skills)
• Vulnerability Assessment (Hard Skills)
• Incident Remediation (Hard Skills)
• Security Reporting (Hard Skills)
• Policy Implementation (Hard Skills)
• Team Leadership (Soft Skills)
• Risk Management (Hard Skills)

Job Summary:

• Support in the identification of relevant Cyber Security laws, regulations and standards and co-create, together with business stakeholders, new approaches, policies, requirements and/or guidance to address them.
• Manage Business Line Cybersecurity projects at Service Division Product Testing of the company and work- streams across the company and report to the company management
• Drive cybersecurity initiatives together with colleagues from other Business Lines and Regions.
• Develop new ways of monitoring compliance to products and services security standards, regulation, and best practices.
• Support the Cyber Security Service Division, product managers, project managers, R&D heads and testing and certification for product, services and process.
• Breakdown of project cyber-security requirements and tailoring wrt the project in question
• Definition and implementation of project cyber-security guidelines, policies and rules
• Project-wide support for implementation of the corresponding cyber-security measures (hardware, software, training)
• Constantly Monitoring the cyber-security measures, advising project team members regarding IT security questions
• Coordinate with Corporate Security department, security administrators and IT administrators
• Manage the project cyber-security resources (time, man-hours, budget, hardware, licenses).
• Identify and analyze cyber-security vulnerabilities, risk assessment and mitigation.

Skills on Resume:

• Cybersecurity Compliance (Hard Skills)
• Project Management (Hard Skills)
• Initiative Leadership (Soft Skills)
• Monitoring Compliance (Hard Skills)
• Requirement Breakdown (Hard Skills)
• Policy Implementation (Hard Skills)
• Risk Assessment (Hard Skills)
• Resource Management (Hard Skills)

Job Summary:

• Manage the Government RMF ATO process for systems
• Develop and implement information security standards, processes and procedures, and guidelines for the enterprise.
• Coordinate with technology and business groups to assess, implement, and monitor information security risks/hazards.
• Provide regular reporting/transparency on the threat landscape.
• Develop an Information Security Incident Response Plan and manage the execution of the plan should an incident occur.
• Understand the trade-offs required to manage the different levels of risk tolerance and risk exposure across the organization and balance this with risk investments.
• Report security performance against established security metrics.
• Create and implement policies and procedures that define behaviors required to maintain a strong information security posture.
• Create an information security awareness program to ensure staff members across the organization understand the policies and procedures related to information security.
• Research and evaluate new information security technologies.
• Maintain awareness of trends in state-of-the-art technologies in the Information Technology Security Administration disciplines.

Skills on Resume:

• RMF Management (Hard Skills)
• Security Standards (Hard Skills)
• Risk Assessment (Hard Skills)
• Threat Reporting (Hard Skills)
• Incident Response (Hard Skills)
• Risk Management (Hard Skills)
• Policy Development (Hard Skills)
• Technology Evaluation (Hard Skills)

Job Summary:

• Conduct and participate in the review, evaluation, and recommendation of software products, productivity tools, and external services.
• Assess and recommend internally managed services and tools vs. outsourced models.
• Audit and review all information security issues in the organization, partner with other organizations on information security issues (such as Asset Protection and Legal), and manage all information security incidents and threats, both internal and external.
• Oversee internal and external network security assessments as well as application security assessments.
• Participate in all IT projects that require Information Security oversight.
• Review vendor security assessment process and results.
• Develop client relationships and engage in support for business development activities, including methodology development, proposal writing, and direct support for presentation to potential clients.
• Drive adherence to the relevant PKI and eIDAS regulations and standards, including processes, procedures and standards
• Management and direct contribution to PKI, webtrust and eIDAS project execution by supporting client engagement and spotting client opportunities.
• Implement and integrate organizational, procedural and technical security requirements in PKI client environments, applying industry best practices and regulations.

Skills on Resume:

• Software Evaluation (Hard Skills)
• Service Assessment (Hard Skills)
• Security Auditing (Hard Skills)
• Network Security (Hard Skills)
• Project Oversight (Hard Skills)
• Client Engagement (Soft Skills)
• Regulatory Compliance (Hard Skills)
• PKI Management (Hard Skills)

Job Summary:

• Identify and protect company assets through the development and implementation of security protocols
• Coordinating the security team to make sure that follow security procedures and guidelines through training programs and assessments
• Perform security process evaluations and inspections
• Assess the effectiveness of the measures against security risk management plan
• Develop IT security policy and operational procedures based on information collected
• Develop a documented action plan containing policies, practices and procedures that mitigate the identified risks
• Manage the budget for security operations within an organisation.
• Create and deliver client security transformation programs which are driven by PKI technologies.
• Help assess and secure the design and implementation of clients’ infrastructure that is driven by PKI technologies.
• Develop working relationships with peers across other PKI and eIDAS community and participate in the development of leading cyber security solutions.

Skills on Resume:

• Asset Protection (Hard Skills)
• Team Coordination (Soft Skills)
• Process Evaluation (Hard Skills)
• Risk Assessment (Hard Skills)
• Policy Development (Hard Skills)
• Budget Management (Hard Skills)
• Security Transformation (Hard Skills)
• Community Engagement (Soft Skills)

Job Summary: 

• Define security requirements and configure anti-virus systems and consoles
• Conduct threat and risk analysis and provides essential suggestions
• Regular reporting on various Security Metrics (KPI's and KRI's)
• Work on complex cybersecurity incidents with a focus on remediation and closing the incident
• Manage information security, certifications, compliance, and quality
• Oversee internal and external network security assessments as well as application security assessments.
• Participate in all IT projects that require Information Security oversight.
• Review vendor security assessment process and results.
• Analyzing general cybersecurity situation about all vehicle connectivities
• Shaping and operating the Risk Management process.
• Scouting China-specific cybersecurity issues from a wide range of information resources and providing reports.
• Making proposals on new technologies to improve cybersecurity based on the industry trends and development
• Manage the implementation and maintenance of designated security policy, procedure, and process improvements
• Ensure client and partner data is well protected for the top merchants and issuing banks around the globe.

Skills on Resume: 

• Security Requirements Definition (Hard Skills)
• Threat and Risk Analysis (Hard Skills)
• Security Metrics Reporting (Hard Skills)
• Incident Remediation (Hard Skills)
• Application Security Assessments (Hard Skills)
• Vendor Security Review (Hard Skills)
• Risk Management (Hard Skills)
• Collaboration and Reporting (Soft Skills)

Job Summary: 

• Help to design, implement, and maintain the organization’s cybersecurity plan.
• Oversees and manages the Cyber Security program which from a technical perspective supports the overall Carle Enterprise Information Security Program.
• Develop and direct implementation of security standards and best practices for the organization.
• Review and provide technical guidance on all Enterprise Information Security Policies.
• Assist the Director of Information Security with leading different workgroups.
• Create and maintain documentation and plans for Cyber Security Incident Response.
• Assists with assessing the cybersecurity posture of current and new IT systems
• Makes recommendations for security remediation.
• Manage and coordinate efforts in support of external audits and assessment activities.
• Provide audit response and ongoing guidance on solutions to achieve and maintain security compliance, mitigate information security risks and correct compliance exposures and gaps.
• Monitor the organization’s networks for security breaches and investigate violations when they occur.
• Serves as an internal cybersecurity consultant to the organization.
• Works ethically and with integrity supporting organizational goals and values.
• Monitor and influence the Cyber Security Regulations and standards.
• Lead and support related activities with involved departments and central partners.

Skills on Resume: 

• Cybersecurity Plan (Hard Skills)
• Program Management (Hard Skills)
• Security Standards (Hard Skills)
• Incident Response (Hard Skills)
• Audit Coordination (Hard Skills)
• Compliance Monitoring (Hard Skills)
• Collaboration (Soft Skills)
• Ethical Leadership (Soft Skills)

Job Summary: 

• Work closely with local ISO staff to assist with the day-to-day Information Security oversight, awareness and issue resolution associated with the Albert brand within Czechia.
• Plan and manage routine penetration tests, vulnerability scans, and security baseline compliance checks.
• Implement plans for remediation of findings.
• Conduct initial and ongoing formal assessments of information security risks related to business projects and/or vendors, determine the potential impact of those risks, and conduct follow-up on any necessary remediation efforts.
• Manage Cyber Security Incidents to include incident detection, triage, and escalation per company protocol and forensic methodologies.
• Manage incident response and forensic services including the Global Incident Response Team (GIRT) for the region.
• Demonstrate specialized knowledge, including data protection methods, in technology areas like cloud computing, AIX/Linux, Windows, networking, and perimeter protection
• Manage a team of cybersecurity analysts and engineers dedicated to meet Visa's strict security requirements
• Manage the Cardinal Cybersecurity Project Roadmap
• Develop and grow the Cybersecurity programs through new tools and initiatives
• Oversee routine security audits, reviews, and tasks to meet and/or exceed PCI DSS, Visa EACS, and other industry and customer requirements
• Coordinate security training programs and administration
• Identify and propose security policy, procedure, and process improvements

Skills on Resume: 

• Information Security Oversight (Hard Skills)
• Penetration Testing (Hard Skills)
• Risk Assessment (Hard Skills)
• Incident Management (Hard Skills)
• Forensic Services (Hard Skills)
• Team Management (Soft Skills)
• Security Audits (Hard Skills)
• Training Coordination (Soft Skills)

Job Summary: 

• Responsible for understanding customer contract requirements with regards to cyber security, and for providing cost and schedule estimates to internal and external stakeholders.
• Must understand risk trade-offs with regards to business operations impacts, risk appetite, and team with stakeholders to ensure the right level of risk mitigation measures are in place.
• Responsible for establishing and ensuring compliance through appropriate policies, processes, and technology with NIST 800-171, ISO 27001:2013, CIS Critical Security Controls, and Naval Nuclear 801 requirements.
• Responsible for developing and maintaining System Security Plan (SSP).
• Provides metric-based measurement of risk, compliance, and security posture including report-outs to Executive leadership and other stakeholders.
• Provides broad technical knowledge across a wide range of Information Security tools, techniques, and controls and incorporates projects needed into the IT Technology Roadmap.
• Understands and utilizes incident response methodologies, frameworks, tools, and techniques.
• Participates as a member of the Incident Response Team.
• Ensures forensics are performed for potential data spills and breaches provides the necessary information to the Incident Response Team and supports required internal and Federal government reporting within required timeframes.
• Responsible for supporting Legal and Human Resources department legal discovery requests and employee investigation requests.
• Oversees procedures to ensure security reviews of new technologies being considered and existing technologies in use as part of regular audits and the Request for Change process.
• Responsible for ensuring ongoing reviews of systems for potential vulnerabilities or attacks for systems included on the approved software list are conducted and followed up on trends with the appropriate IT manager.
• Supports project management in the initiation, planning, design, execution, monitoring, controlling, and closure of security projects.
• Works with Technical Services and Enterprise Applications managers to ensure processes are in place to appropriately harden infrastructure servers, networks, and enterprise applications.

Skills on Resume: 

• Contract Requirements (Hard Skills)
• Risk Management (Hard Skills)
• Compliance (Hard Skills)
• SSP Development (Hard Skills)
• Metrics Reporting (Hard Skills)
• Incident Response (Hard Skills)
• Security Audits (Hard Skills)
• Collaboration (Soft Skills)

Job Summary: 

• Combine capabilities from security service providers and various in-house IT teams to strengthen 24/7 security operations capabilities, especially in incident response and remediation
• Enforce good cyber hygiene and conduct a cyber security awareness program
• Conduct cyber security reviews and risk assessments on new technologies, IT systems, and digitization solutions
• Define and implement cyber security improvement projects to counter the latest cyber threats
• Develop and maintain cyber security policy, standards, and guidelines
• Oversee IT Disaster Recovery (DR) capability and conduct regular ITDR drills
• Plan and manage cyber security budget and measure its effectiveness
• Automate security operations and upkeep the technical capabilities of the team
• Identifies cyber security deficiencies and risk mitigation strategies, develops and oversees corrective actions implementation through technical and non-technical measures working in conjunction with the appropriate IT manager.
• Leads tabletop cyber security exercises for the Incident Response Team.
• Schedules and supports third-party cyber security audits.
• Oversees an active Cyber Security Awareness and Education Program tailored to business and department needs across the company.
• Stays abreast of implemented technologies vulnerabilities and sends communications to the appropriate IT team to address.
• Advise and manage the transformation and improvement of organizations’ Cyber Security programs
• Advise on and implement performance management and assurance frameworks for Cyber Security

Skills on Resume: 

• Security Operations (Hard Skills)
• Incident Response (Hard Skills)
• Cyber Hygiene & Awareness (Soft Skills)
• Risk Assessments (Hard Skills)
• Cybersecurity Improvement Projects (Hard Skills)
• IT Disaster Recovery (Hard Skills)
• Budget Management (Hard Skills)
• Performance Management (Soft Skills)

Job Summary: 

• Performs self-assessment, cures gaps, manages, and delivers successful 3rd party security validations to gain customers’ authority to operate by standards such as SOC2, FedRAMP, ISO 27001, and NIST CSF.
• Provides support to the sales organization with prompt and effective responses to cyber security questionnaires and contract negotiations.
• Implements and monitors the cyber security policies and procedures
• Continuously refines and enforces the cyber security policies, standards, and procedures
• Provides information security training to employees, contractors, alliances, and other third parties.
• Monitors and reviews compliance with the organization’s information security policies and procedures among employees, contractors, alliances, and other third parties and refers problems to appropriate department managers or administrators.
• Monitors internal control systems to ensure that appropriate information access levels are maintained.
• Stay current on the latest information technology and security trends
• Recommend corrective actions as identified and needed through various information security-driven or supported initiatives.
• Monitors advancements in cyber security technologies and recommends new technologies and product modifications based on new risks/threats that would provide value to the collaboration.
• Ability to analyze complex projects and identify relevant policies, gaps, and risks.
• Works independently with project teams and requires advanced oral and written communication skills.
• Understanding the Security policy and guidelines that are provided by global team and demonstrating it to build security systems locally
• Provide governance and security solutions for migration projects from legacy systems to cloud environment
• Plan and carry out info security measures

Skills on Resume: 

• Security Assessments (Hard Skills)
• Policy Implementation (Hard Skills)
• Compliance Monitoring (Hard Skills)
• InfoSec Training (Soft Skills)
• Risk Analysis (Hard Skills)
• Cybersecurity Trends (Hard Skills)
• Communication Skills (Soft Skills)
• Cloud Security Solutions (Hard Skills)

Job Summary: 

• Implement information security risk management, supporting both GDPR and PCI.
• Present risk-based security position and recommendations and drive the organization's information security improvement plans.
• Provide information security designs and solutions and drive the implementation of security-by-design and privacy-by-design in information systems.
• Implement appropriate Cyber Security Awareness programs for colleagues.
• Provide leadership to (and management of) the ICT Cyber Security Team, acting as a central point of reference and base of knowledge, transferring skills
• Take the lead in the day-to-day management of Information & Communications Technology (ICT) security issues including leading on investigation, diagnosis, and remedy of incidents generated by users or automated systems
• Provide practical, professional, and technical advice to the IT Managers and Cyber Security Forum (CSF) members regarding ICT security and risk analysis/ management Undertake projects as agreed with line managers to achieve and improve compliance with cyber security standards
• Work within and provide advice on suitable and relevant cyber security policies and procedures.
• Build and develop long-term relationships with senior stakeholders.
• Lead the development and implementation of key cyber initiatives - coordinating closely with appropriate colleagues throughout the organization.
• Led a portfolio of cyber-related engagements across the business, including effective people management on client engagements and working seamlessly and collaboratively with colleagues in other parts of the organization and globe.
• Contribute to the latest thought-leadership and industry research relating to cyber security and organizational crisis and response management to cyber issues.
• Review and lead on the management of Cyber Security, covering people, physical, process and technology aspects
• Assess risks, using recognized sources of threat intelligence as well as risk impact assessments

Skills on Resume: 

• Risk Management (Hard Skills)
• Security Recommendations (Hard Skills)
• Security Design (Hard Skills)
• Cyber Awareness Programs (Soft Skills)
• Team Leadership (Soft Skills)
• Incident Management (Hard Skills)
• Stakeholder Relationships (Soft Skills)
• Risk Assessment (Hard Skills)

Job Summary: 

• Assist with providing technical expertise and draft documentation required by all policies and decision levels for the development, integration, implementation, and sustainment of systems’ Anti-Tamper compliance and Cyber Security (CS) certification and accreditation through the appropriate decision accreditation authority.
• Support CS audits and required testing events.
• Assist in acquiring and maintaining program accounts for Enterprise Mission Assurance Support Service (eMASS) and Enterprise Information Technology Data Repository (EITDR)
• Shapes and establishes corporate information security posture.
• Defines processes to achieve information security goals.
• Defines security-related policies.
• Performs risk assessment and prioritizes tasks.
• Works with IT department to implement technical and procedural controls.
• Reports to the management about the state of corporate security.
• Responsible for regulatory compliance and security certifications.
• Replies to security-related inquiries from prospects, customers, and other entities.
• Work as part of the global CEM community to develop and tune Morgan Stanley Fusion event response operations
• Capture event follow-ups and complete formal Post Mortems

Skills on Resume: 

• Technical Expertise (Hard Skills)
• Documentation Drafting (Hard Skills)
• Audit Support (Hard Skills)
• Security Posture Development (Hard Skills)
• Risk Assessment (Hard Skills)
• Compliance Management (Hard Skills)
• Incident Response (Hard Skills)
• Reporting to Management (Soft Skills)

Job Summary: 

• Interface with existing SGS clients in cooperation with the local China sales team to demonstrate the added value provided by the Hardware and Software security testing services portfolio
• Partner with the SGS Cyber Lab team in Austria to prepare test plans, proposals, and service offerings for the client base
• Conduct tests on devices that will focus on design, security systems, and the operational environment of the product.
• Identify potential security vulnerabilities and how they could be exploited
• Support the assessment of the compliance and security of electronic devices, solutions, and environments according to various standards and certifications
• Prepare physical and logical test set-ups and conduct source code reviews, threat analysis, and wireless network assessments.
• Perform network, web, mobile, or application pen testing.
• Assist in the development and implementation of Fusion’s global operations, working with Fusion leadership and nodes in Asia and North America as part of a comprehensive “follow the sun” workflow processes
• Orchestrate cyber event management from detection to resolution to recovery for cyber threats, vulnerabilities, or incidents that threaten the Firm’s clients, assets, or reputation
• Drive decision-making to minimize the Firm’s risk of any cyber event
• Develop, maintain, and continually refine Fusion standard operating procedures for escalation, communication, and response and work in collaboration with the respective stakeholder teams to ensure information is accurate and actionable
• Coordinate decision-making of critical cyber and technology response work by chairing conference calls and publishing formal communication
• Conduct cyber incident scenario preparation including scenario development with stakeholder teams, Cyber playbook development and documentation, incident simulations and exercises, as well as post-incident reviews
• Develop, exercise, and continually refine Cyber playbooks for a range of potential threat scenarios

Skills on Resume: 

• Client Engagement (Soft Skills)
• Test Plan Preparation (Hard Skills)
• Security Vulnerability Identification (Hard Skills)
• Compliance Assessment (Hard Skills)
• Penetration Testing (Hard Skills)
• Cyber Event Management (Hard Skills)
• Incident Scenario Preparation (Hard Skills)
• Cyber Playbook Development (Hard Skills)

Job Summary: 

• Manage cyber threat intelligence through research and the deployment of new technology.
• Draws upon skills and knowledge in the areas of network administration, engineering and security to counter the activities of cyber criminals such as hackers and developers of malicious software.
• Performs intelligence analysis, making predictions about cyber criminals and their future activities based on what is already known about them.
• Implement and monitor controls necessary to ensure processes are performed and are effective to protect the environment from all forms of malicious cyber activity.
• Author a Global Security Report on incidents and threat intelligence relating to current and emerging threats to the organization.
• Works closely with Corporate Security in fraud detection.
• Collaborates with others who are conducting fraud and/or security investigations.
• Works to develop an understanding of the tools and processes involved in wire fraud and other electronic fraud vectors.
• Responsible for the evaluation and management of the incident response and reporting process and procedures, making improvements where necessary.
• Represents the Information Security Teams as an active member of the Incident Response Committee.
• Analyzes cyber network events and determines impact on current operations through all-source intelligence.
• Fosters relationships with FBI, Secret Service, local law enforcement, and other industry SMEs.
• Gathers, analyzes, and assesses the current and future threat landscape, and assists the CISO in providing leadership with a realistic overview of risks and threats in and to the organization

Skills on Resume: 

• Threat Intelligence Management (Hard Skills)
• Cyber Intelligence Analysis (Hard Skills)
• Control Implementation (Hard Skills)
• Incident Reporting (Hard Skills)
• Fraud Detection Collaboration (Soft Skills)
• Incident Response Management (Hard Skills)
• Network Event Analysis (Hard Skills)
• Stakeholder Relationships (Soft Skills)