TotalCyber.io
Cyber Security jobs across the world
Copyright 2024 All Rights Reserved by YipCraft
We will contibute 1% of your purchase to remove CO2 from the atmosphere.
What you'll do...
Position: Senior Risk Expert
Job Location: 702 SW 8th Street, Bentonville, AR 72716
Duties: Managing Functional Partnerships: build, maintain and enhance effective internal and external partnerships; clearly draft valuable information and seek input. Influence technical outcomes and assist in communicating shared goals with diverse groups and parties by linking their interests to that of the business. Identify and address additional partner technical needs and educate them on value creation. Communicate with other individuals or teams to solve shared business problems cooperatively. Consults regularly with leaders of business unit(s), serve to advise on business strategy decisions. Bring ideas and technical solutions proactively to the business partners and stakeholders Cyber Risk Management: guide the development of cyber risk assessment and/or management techniques. Pre-empt risks, vulnerabilities and threats across organization policies, processes and defenses. Evaluates effectiveness of current cyber risk assessment techniques. Directs improvements or modifications to vulnerability assessment techniques in view of emerging security risks and threats. Leads the implementation of cyber risk assessment activities throughout organization, ensuring alignment with organization's policies and principles. Analyzes cybersecurity gaps identified and project business risk and impact to the organization. Evaluates options and decide on suitable treatment of cyber risks, threats and vulnerabilities. Risk and Security Governance: independently assess the security compliance of applications and infrastructure components to risk and security standards and baselines. Identifies lapses in organizational risk and security standards or issues that may endanger information security and integrity. Develops specific action plans for different business units based on corporate risk and security policies, standards, and guidelines. Evaluates technologies and tools that can address security gaps and facilitate alignment with risk and security policies. Introduces/participates in the introduction of security controls in alignment with corporate risk and security policies and frameworks. Implements security guidelines and protocols and ensures understanding and compliance. Reviews the adequacy of information security controls. Identifies areas for improvement and proposes solutions or revisions to risk and security guidelines. Security Assessment and Testing: participate in authorized penetration testing of systems using a range of penetration testing methodologies, tools, and techniques. Demonstrates awareness of system components and impacts and contributes to the remediation of identified issues. Uses a suite of network monitoring and vulnerability scanning tools to assess threats and vulnerabilities in systems. Identifies vulnerability exploitations and potential attack vectors in systems. Analyzes vulnerability scan results to size and assess security loopholes and threats. Vulnerability Assessment: independently assess weaknesses identified in threat modeling, secures source code review, and makes recommendations to address/remediate/prevent. Conducts authorized penetration testing of systems using a range of penetration testing methodologies, tools, and techniques. Uses a suite of network monitoring and vulnerability scanning tools to assess threats and vulnerabilities in a system. Identifies vulnerability exploitations and assists in the implementation of vulnerability prevention and remediation. Proactively analyses vulnerability scan results to size and assess security loopholes and threats. Assesses current security practices and controls against expected performance parameters or guidelines. Communicates and delivers vulnerability assessments and penetration testing reports, highlighting key threats and areas for improving system security. Assesses hacking techniques and attacks posing the greatest risks to organizational systems.
Minimum education and experience required: Bachelor's degree or the equivalent in computer science, information technology, engineering, or a related field plus 3 years of experience in cybersecurity risk or related experience OR 5 years of experience in cybersecurity risk or related experience.
Skills Required: Must have experience with: Performing internal control planning in an integrated audit; Understanding likely sources of misstatement and testing design effectiveness for controls that address risks of material misstatement; Testing operating effectiveness of the controls; Planning and performing roll forward testing of controls; Evaluating control deficiencies/ gaps; Performing impact analysis on the current system due to identified control deficiencies; Performing root-cause analysis of the identified control deficiencies; Understanding and testing general IT controls; Evaluating and testing the financial reporting process; Testing controls with a review element - management review controls; PCAOB Audit practices; Implementing risk management controls; security controls and architecture of widely used cloud environments including Azure and GCP; Working on GRC tools like ServiceNow, SailPoint, Archer, Audit Board, ZenGRC; Understanding and testing indirect entity-level controls (SOC 1 and SOC 2 reports analysis); IT controls around Linux, UNIX, SAP, Windows AD, Oracle DB, SQL DB. Employer will accept any amount of experience with the required skills.
Wal-Mart is an Equal Opportunity Employer.
Senior Risk Expert
Location
Bentonville, AR
Workplace
Onsite
Type
Full-time