Job Details

  • Title: Cyber Security Risk Assessment Specialist
  • Code: RCI-35883-1
  • Location: Princeton New Jersey (NJ) 08543
  • Posted Date: 02/24/2021
  • Duration: 12 Months
Talk to our Recruiter

  Job Description

The Cyber Security Risk Assessment Specialist works closely with IT teams to integrate security throughout the software development lifecycle by assessing application security. The Specialist is responsible for the evaluation of new projects and conducting routine security assessments that adhere to the company’s security guidelines.

• Execute cybersecurity risk assessment and control attestation processes in ServiceNow GRC
• Assess inherent cybersecurity risks in systems, infrastructure and cloud based on the business criticality and cyber threat landscape
• Review control effectiveness evidence to assess the quality and effectiveness of the implemented controls
• Provide security architecture advice and recommendation for programs and projects
• Conduct assessments to identify security risks in applications, systems and networks before they are implemented
• Work with development teams to provide appropriate and effective remediation guidance for vulnerabilities discovered during various assessments
• Document residual risk
• Prepare and communicate operational metrics and trend analysis for the Cybersecurity Leadership Team
• Work with IT and business stakeholders to provide security guidance and promote a positive security mindset

• Minimum of 5 years of information technology industry experience and at least 3 years in cybersecurity
• Minimum of 2 years of experience working on security architecture and design
• Bachelor's degree or equivalent experience
• Solid understanding of multi-tiered and cloud architecture
• Solid understanding of application security and system design
• Solid understanding of the Software Development Lifecycle (SDLC) and Agile Technologies
• Familiarity with common vulnerabilities and attack vectors
• Strong written and oral communication skills
• Information security certifications (GIAC, ISC2, ISACA), CISSP, CRISC, CISM, AWS certifications a plus