Information Security Engineer II

Information Security Engineer II

About the Role

The ISO Auditor is a member of the CISO Regulatory & Compliance Team and will assist in the performance of internal audits ensuring they comply with applicable Conduent and ISO security standards regulations and internal auditor will be professional independent impartial and fair in all interactions.

Responsibilities

• The NIST security resource is accountable for procedures and processes that ensure the integrity confidentiality and availability of assigned Business units information applications and infrastructure.
• Resource will perform routine risk assessments security audits and vulnerability scans to identify evaluate document and remediate organization risk control gaps and vulnerabilities.
• This position will be responsible for developing security reports security recommendations and security policies and procedures that are meaningful defensible and actionable for a variety of audiences as pertained to assigned business units.
• Perform log collection correlation reviews archival retention and monitoring of automated alerts for items such as and not limited to:
  • IPS/IDS alerts; change detection (FIM) alerts
  • application firewall alerts; malware alerts
  • rogue wireless network alerts
  • security system health alerts; exploit attempt alerts
• Participate and be an integral component of audit compliance and regulatory functions including and not limited to:
  • audits of system security to ensure compliance with Corporate security framework
  • NIST 80053 ISO 27001/2 PCIDSS
  • emerging country state and Federal privacy laws
• Primary POC in a vulnerability management program of the account that includes:
  • external and internal vulnerability scans of applications and systems
  • external and internal penetration tests of applications and systems
  • documentation and remediation of identified vulnerabilities and exploits
  • routinely monitoring various communication avenues for security vulnerabilities and security patches
  • taking a riskbased approach comparing those security vulnerabilities and security patches across the operating environments
  • making recommendations to various IT teams on the mitigation process for those identified security vulnerabilities
• Coordinate with business units operations and technology teams for incident response remediation and improvement
• Acts as the initial point of contact to facilitate the handling of security audits and client requests
• Supports the creation of business continuity/disaster recovery plans to include conducting disaster recovery tests publishing test results and making changes necessary to address deficiencies
• Maintain documentation that supports the annual Security compliance attestation as it is relevant to the assigned Business units

Requirements

CIPP CRISC CISA CISSP CISM ISO or any security/IT audit certification is a plus.

• Minimum of Five (4 to 5) Years of experience in IT Security or Security Auditing is required.
• Knowledge and understanding of security controls across all security domains such as access management encryption vulnerability management authentication authorization network security physical security etc.
• Ability to identify security risks in application system and network architecture data flow and processes or procedures
• Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls.
• Knowledge of security technologies devices and countermeasures as well as the threats they are designed to counter.
• Experience with developing security reports recommendations policies and procedures that are meaningful defensible and actionable for a variety of audiences.
• Familiarity with more than one framework (NIST 800series ISO 27000series PCI DSS and ISO HIPAA HITRUST FISMA FedRAMP other common security control frameworks).
• Experience in PowerPoint Word Excel; experience with Visio and MS Project.
• Communication skills (interpersonal verbal presentation written email). Experience to write report segments and to participate in presentations.
• Familiarity with security workflow and collaboration tools such Nessus Tenable Splunk SharePoint and ServiceNow (Snow) is a plus
• Positive attitude team player selfstarter; takes initiative ability to work independently and effectively with all levels of staff and management both internally and externally

Preferred Skills

• Creating and Maintaining NIST 80053rev5 based SSP and POAM
• Familiarity with more than one framework (NIST 800series ISO 27000series PCI DSS and ISO HIPAA HITRUST FISMA FedRAMP other common security control frameworks).

Flexible Working

At Conduent we want you to be yourself. We recognize that everyone is different and that how people want to work and deliver at their best is different for everyone too.
In this role you can expect the following working conditions:

Remote work: Enjoy the convenience of working from home and maximize your time by unplugging at the end of your workday.

Working For You

Perks and rewards designed for you:

• Health and Welfare Benefits: Our health and welfare benefits can be tailored to fit you and your familys needs and start on the first day of employment.
• Retirement Savings: We will support you as you save for your future.

Career Growth Opportunities: We help you thrive so together we can grow. We provide opportunities to advance your career with a vast portfolio of businesses and a global footprint.

• Paid time off: We provide attractive paid time off packages designed for you to enjoy your life away from work.
• Great Work Environment: We are proud of our awardwinning culture and the recognition weve received for our diversity efforts.

Join Us

At Conduent we are one team one mission. We understand that our success is directly related to the success of our associates. We strive to create a culture where you can:

Bring your authentic self to work
Grow and thrive both personally and professionally
Make a difference with our clients in our communities and with the millions of people we support

When you join Conduent you are engaged in creating the future both our companys and your own. With more than 60000 associates across 24 countries we will provide you the opportunity to grow with a team of people who will challenge and inspire you to be the best!

Pay Transparency Laws in some locations require disclosure of compensationrelated information. For this position actual salaries will vary and may be above or below the range based on various factors including but not limited to location experience and performance. In addition to base pay this position based on business need may be eligible for a bonus or incentive. In addition Conduent provides a variety of benefits to employees including health insurance coverage voluntary dental and vision programs life and disability insurance a retirement savings plan paid holidays and paid time off (PTO) or vacation or sick time. The estimated salary range for this role is $76076 $98800