Associate Director, Security & Assurance Lead (100% Remote)
· Ensure strategic alignment with existing standards and direction for the architecture, installation, and maintenance of all security components as they relate to the establishment and maintenance of compliance programs.
· Demonstrates extensive ability, and/or proven record of success, in IT security management frameworks, especially ISO 27001 and 27002 (17799), and their application in the support and integration of key business and strategic priorities, preferably for a global network or professional services firms, including in the following areas:
- Managing strategic and tactical security policy and standards libraries based on those frameworks;
- Developing and managing structured risk identification, assessment, and treatment programs for large organizations;
- Translating technical IT security concepts into business terms;
- Working comfortably with all levels of leadership;
- Communicating and promoting the use of Network security policies and standards;
- Comprehending the value of Network policies and standards, as well as business requirements, and the ability to recognize potential conflicts and arrive at successful outcomes collaboratively;
- Managing key ISMS components: information asset inventory, risk assessment, security policy and standards development, internal assessment, and reporting to management;
- Understanding existing and upcoming legislative and regulatory requirements by working closely with enterprise risk management and security organizations, as well as safeguarding that they are incorporated in the ISMS;
- Addressing risk utilizing standardized and consistent methodology;
- Alignment with client mandates / inquiries regarding security posture, including requests to audit, site visits, and independent audits; and,
- Communicating, tracking and reporting on revisions to security controls in standards, policies and procedures
· Provide leadership during security incidents and response. This may include customer engagement and communications.
· Establishment and enforcement of relevant regulatory structures and programs, compliant controls and infrastructure
· Responsible for ensuring present and future resource planning needs are met including staffing, software and hardware, and 3rd party contracts
· Responsibility for setting direction for security governance – Assess, develop, and implement security policies, procedures and standards that describe pragmatic, risk-based mechanisms to maintain the confidentiality, integrity and availability of information systems and the data processed therein, in accordance with Cognizant Corporate policies and procedures.
· Develop and execute standards for design and operational procedures
· Work with the Chief Security Officer (CSO), Chief Trust Officer (CTrO), and affiliated Center of Excellence (COE) leaders to ensure Cyber Security practices align with vertical practices, business objectives and evolving threat landscape challenges
· Ensure Security / Business strategy alignment by emphasizing a partnership model promoting unified risk visibility.