Enterprise Services - Cyber Security Risk Management Consultant
Enterprise Security Services goal is to be the trusted partner in helping clients manage information security risk. We do this by helping clients develop security strategy, designing and implementing security technology, and managing and monitoring security infrastructure. We focus on service excellence with consistent, globally delivered, standardized services.
Candidate will support the Global Cyber Security Risk Management team conducting risk assessments on varying business related information and communications technologies (ICT) across the company. The risk assessments are conducted at every layer of the open systems interconnect model and involve corporate policy and standards, industry standards, IT computing controls. The candidate must have experience conducting risk analyses in a diverse ICT environment across varying infrastructures, applications and networks.
- Experience leading and consulting in a high-energy, GRC experienced teaming environment.
- Perform system and network security risk assessments in accordance with specified guidelines (ISO 31000/31010 and NIST SP 800 37).
- Competent at analyzing information systems security requirements to be implemented during system design.
- Experienced analyzing and reviewing results of network and system vulnerability scans and proficient at validating the implementation of IA Controls in accordance with aligned policy.
- Candidate should have hands on experience with OS and database level vulnerability scanning tools.
- Strong technical writing skills required to draft risk assessment results and remediation requirements packages, etc., to include requirements traceability matrices, security standard operating procedures, security test and evaluation plans, and residual risk assessments.
Education and Experience Required
- First Level University degree
- 7 years in risk management roles
- 7 years in IT compliance
Knowledge and Skills Required
- Demonstrates an in-depth understanding of key IT operational policies, processes and methodologies applicable to risk management and compliance.
- Professional Security certification (i.e., CEH, CISSP, CISA, CISM, SANS, etc.).
- Speaks with authority to all layered in depth cyber security and data protection components.
- Proven track record of successfully managing projects and project requirements.
- Perform in a teaming environment as an enabler—experience leading AND following IT tacticians and security practitioners to sound decisions.
- Strong communicator, comfortable discussing/consulting with technical and business staff.
- Strong interpersonal skills and excellent written and verbal communication skills.
- Broad understanding of security fundamentals and general security technologies, including operating systems, network security (firewall, virtual network, IPSec), Security Event Management, Business Continuity, physical security, cryptography, Identity Management, PKI, directory services, etc.
- Uncompromising personal and professional integrity and ethics.
- Sound decision-making and judgment, especially under pressure.
- Ability to work and succeed in a remote/virtual environment.
- Strong organization, prioritization, and rationalization skills.
- Ability to leverage ITIL standards applied to security.
- Experience working with senior management at large multi-national corporations.
Thanks for taking the time to review our job, if you think it is a match to your experience and interests please apply today— we are eager to learn more about you! If you know a friend who may be a fit for the job please refer them.
Please note the above statements describe the general nature and level of work only. They are not a complete list of all required responsibilities, duties and skills. Other duties may be added, or this description amended at any time.
Meet Some of Hewlett Packard Enterprise's Employees
Business Compensation Manager
Jeremy ensures all HPE employees are properly compensated for their contributions to the company, helping to retain top talent and market leaders for the organization.
Back to top