Send me more jobs like this

Technical Risk Assessment

Keywords / Skills : Technical Risk Assesment

3 - 5 years
Posted: 2019-07-21

Oil & Gas
Risk Assessment Engineer
Posted On
21st Jul 2019
Job Ref code
Job Description
Job Description :

·An experienced and proven Information / IT security professional is required to provide all aspects of the disciplines within the Information Security team. The role will be varied and as such we expect general capabilities within Information and IT security and a self-starter attitude - able to work with minimal supervision.
·There will be significant engagement with all aspects of Information Security and both IT and the business.
Skill Set:
·In depth knowledge of information security, risk management industry frameworks and standards NIST, OWASP, SANS, ISO-27001/2
·Working experience with enterprise risk management programs, privacy, data security and control issues with technologies such as Cloud, SaaS based applications, Linux, Windows, and Vulnerability Assessment.
·Possession of industry certifications desirable: CISSP, CISA, CISM, CEH, ISO27001 LA/LI
·Detailed knowledge and experience with network and applications protocols.
·Sound knowledge of latest encryption standards and techniques, PKI Infrastructure, Access controls and their types.
·Understanding of the business processes and associated risks enabled by various IT solutions.
This will likely include:
·To assess and identify the potential risks that may hinder the reputation, safety, security and financial prosperity of their organisation.
·Performing information security risk assessments, understanding threats, vulnerabilities and exposures associated with confidentiality, integrity and availability of information and serves as an IT Risk Management.
·To assist the client in the identification, testing and implementation of ''best practice'' security solutions
·Ensure that IT architecture, configuration, access controls, auditing and monitoring meet the organisation’s security requirements and comply with all applicable regulations
·Assist in the review of major vendor contracts/SOW’s, proposed infrastructure design
·Risk assessment, which involves analysing risks as well as identifying, describing and estimating the risks affecting the business
·Ensure that application architecture, configuration, access controls, auditing and monitoring for core applications in support of business processes meet the organisation’s security requirements and comply with all applicable regulations
·Reviewing and quantifying the organisation''s ''risk appetite'', i.e. the level of risk they are prepared to accept;
·Risk reporting in an appropriate way for different audiences, for example, to business heads to ensure they are aware of risks relevant to their parts of the business and to managers/individuals to understand their accountability for individual risks
·Design and implementation of Information Security risk management processes
·Operation of security risk management processes throughout Software Development Life Cycle aligned to ISO27K framework
·Definition and application ok key control frameworks
·Design and introduction of Information Security Standards covering a wide range of technical capabilities and platforms. Interaction with technical SME’s
·Provision of technical security consultancy to both IT and business stakeholder projects
·Information Security contractual obligations and supplier assurance activities
·Senior stakeholder engagement and ability to articulate risk in business terms
·Pragmatic and practical approach to all aspects of Information Security

Similar Jobs
View All Similar Jobs
Walkin for you