Security Governance Engineer - Hybrid (Granville, OH)

Rev Local
October 02, 2023
Offerd Salary:Negotiation
Working address:N/A
Contract Type:Other
Working Time:Negotigation
Working type:N/A
Ref info:N/A

This is a hybrid role with 2 days in office a week in our headquarters located in Granville, OH.

Security Governance Engineer - Hybrid (Granville, OH)

Security Governance Engineer Job Responsibilities:

Coordinates and performs security assessment functions and control testing reporting and activities in accordance with internal controls compliance, regulatory and departmental policy and procedures. The Security Governance Engineer updates and maintains control matrices and provides recommendations for management's consideration. This position ensures compliance with internal controls, regulatory and information security policies and procedures. The incumbent works with internal audit, external audit firms, and others to provide supportive documentation as applicable. The Security Governance Engineer takes a lead role in ensuring the security of all protected information collected, used, maintained, or released by RevLocal.

Security Governance Engineer Job Duties:

  • Protects systems by defining access privileges, control structures, and resources.
  • Recognizes problems by identifying abnormalities, reporting violations.
  • Implements security improvements by assessing current situation; evaluating trends; anticipating requirements.
  • Determines security violations and inefficiencies by conducting periodic audits.
  • Upgrades systems by implementing and maintaining security controls.
  • Keeps users informed by preparing performance reports, communicating system status.
  • Maintains quality service by following organization standards.
  • Maintains technical knowledge by attending educational workshops, reviewing publications.
  • Contributes to team effort by accomplishing related results as needed.
  • Implements security controls, risk assessment framework, and programs that align to regulatory requirements and best practices, ensuring documented and sustainable compliance that aligns and advances business objectives.
  • Evaluates risks and develops security standards, procedures, and controls to manage risks. Improves company's security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
  • Implements processes, such as GRC (governance, risk and compliance), to automate and continuously monitor information security controls, exceptions, risks, and testing. Develops reporting metrics, dashboards, and evidence artifacts.
  • Defines and documents business process responsibilities and ownership of the controls. Schedules regular assessments and testing of effectiveness and efficiency of controls and creates reports.
  • Updates security controls and provides support to all stakeholders on security controls covering internal assessments, regulations, protecting Personally Identifying Information (PII) data, and Payment Card Industry Data Security Standards (PCI DSS).
  • Performs and investigates internal and external information security risk and exceptions assessments. Assess incidents, vulnerability management, scans, patching status, secure baselines, penetration test result, phishing, and social engineering tests and attacks.
  • Documents and reports control failures and gaps to stakeholders. Provides remediation guidance and prepares management reports to track remediation activities.
  • Assists other staff in the management and oversight of security program functions.
  • Trains, guides, and acts as a resource on security assessment functions to other departments.
  • Remains current on best practices and technological advancements and acts as a technical resource for security assessments and regulatory compliance.
  • Will participate in on-call rotation for security-related incidents.
  • May require various shifts and/or weekends to provide incident response operations, business continuity plans, or disaster recovery operations.
  • Performs other related duties as assigned.
  • Knowledge, Skills, and Abilities

    Knowledge of:

  • Applicable information security management, governance, and compliance principles, practices, laws, rules and regulations.
  • Information technology systems and processes, network infrastructure, data architecture, data processes, and protocols.
  • Firewalls, network routing, server system administration.
  • Active Directory, access control, identity management, and related services.
  • Cyber and cloud security standard frameworks, architecture, design, operations, controls, technology, solutions, and service orchestration.
  • Information systems auditing, monitoring, controlling, and assessment process.
  • Incident response management.
  • Risk assessment and management methodology.
  • Skills in:

  • Developing and implementing enterprise governance, risk, and compliance strategy and solutions.
  • Researching and locating information related to internal and external organizations using online and other sources.
  • Security project management and planning.
  • Maintaining confidentiality.
  • Troubleshooting and operating a computer and various software packages.
  • Defining problems, collecting and analyzing data, establishing facts and drawing valid conclusions.
  • Using judgment and ingenuity in maintaining objectives and technical standards.
  • Ability to:

  • Effectively communicate technical issues to diverse audiences, both in writing and verbally.
  • Apply a risk-based approach to planning, executing, and reporting on audit engagements and auditing process.
  • Evaluate and update and/or revise program materials.
  • Learn quickly and apply knowledge to new situations.
  • Handle sensitive and confidential matters, situations, and data.
  • Understand and follow broad and complex instructions.
  • Interact positively with peers, executives, and external resources in order to enhance effectiveness and to promote quality service.
  • Comprehend technical language and to confer, analyze and write in an objective, lucid manner.
  • Work independently and prioritize multiple tasks and adapt to needed changes.
  • Remain calm under high pressure/difficult situations.
  • #INDCORP #LI-Hybrid

    From this employer

    Recent blogs

    Recent news