Information Protection Sr. Advisor - Bloomfield, CT
: Job Details :

Information Protection Sr. Advisor Seeking candidates local to the Bloomfield CT office - during onboarding/training the worker would be required to be onsite 5 days a week and then can move to a 3 day in office schedule. Core hours are 8:30am-5:30pm EST, some flex. No overtime or off hour work. Duties:Looking for a Cybersecurity professional to perform security assessments for new and existing IT Systems within the organization.This is an exciting time to join the security team as we work to continuously develop our program to meet the needs of an Agile IT workforce and further enhance Client's security posture and improve customer experience.This position requires strong communication abilities, technical expertise in the areas of application, cloud and infrastructure security; the ability to work well in a team; and the ability to multitask and work on assignments independently.The key responsibilities of the Controls Scoping Adivsor role are as follows:Pull intake requests from a backlog queueEngage with internal customersMeet with the project teams to discuss and document project scope and impacted solution componentsValidate data types and classificationsDeliver self-attestation exemption forms and self-assessment questionnaires to project teamsValidation of questionnaires and security artifacts to assess for controls effectivenessCreate risk findings for control deficiencies in a GRC toolDraft and finalize a summary report of the overall engagementSkills:Strong Communication skills, ability to speak to and document risks and possible solutions, and clearly articulate these to the business in laymen's terms if necessary. Ability to speak to security in groups meetings as needed.5-10 of experience with information security management frameworks (e.g., IS027000, COBIT, NIST 800, etc.) & some regulatory compliance background is a plus.GRC tool experience and Issues Governance processes is desired.Working knowledge or understanding of following technologies/protocols/methodologies:Physical and Virtual InfrastructureNetwork SecurityCloud Computing (AWS, Azure, Google, Private)ContainerizationAPI and MicroservicesStatic & Dynamic Code ScansPrismaOpenStack, ACI, Openshift, DockerSoftware Defined NetworkVirtualization BS or MA/MS in Computer Science, Information Security, or a related field ir preferred OR equivalent work experience with the preferred certifications outlined below:Certified Information Systems Security Professional (CISSP), Certified Cloud Information Professional (CCSP), Certified Information Security Manager (CISM), and/or Certified Risk and Information Systems Control (CRISC), Security+, Network+, etc.