Sr. Security Risk Analyst
Sr. Security Risk Analyst
Employer Active
Job Alert
You will be updated with latest job alerts via email
Share
Job Alert
You will be updated with latest job alerts via email
Job Description
ESSENTIAL JOB FUNCTIONS
- Support security team projects such as threat modeling vulnerability scanning and audits.
- Lead security framework certification efforts.
- Design develop and implement IT security controls for cloud-based enterprise business systems that are aligned with policy and compliance requirements.
- Assist with vulnerability risk and security assessments of networks hardware and software.
- Develops implements and maintain security risk management processes that enable security risks to be identified aggregated tracked and managed.
- Execute risk and threat analyst activities that include track measure validate and report on risk identification acceptances and remediation efforts.
- Lead discussions assessments tracking and overall reporting of technology security risks to support organizational cyber security objectives.
- Advises on acceptable mitigating controls related to Policy and Standard Exceptions.
- Assists in the development dissemination and management of security metrics to be used in monitoring and improving the companys security posture and decision-making.
- Provides ongoing maintenance of the security risk register.
- Manage the effectiveness of tooling rationalizing tools as needed and identifying new tool requirements as necessary.
- Define metrics and key performance indicators to determine the effectiveness of the Security automation program.
- Demonstrate technical leadership to manage and provide multiple technical solutions establish and enforce coding guidelines and best practices.
- Serve as an internal security consultant to teams looking to make IT investments; ensure systems are designed in accordance with and are aligned to Cranes security policies and standards
- Influence the continuous improvement of the security program.
- Other duties as assigned
OTHER SKILLS AND ABILITIES
- Knowledge of risk management frameworks and applying risk methodologies.
- Understanding of conducting risk and/or self-assessment activities to identify key risk areas in the business.
- Experience associated with 3rd party risk assessments and understanding security in-depth principles to measure risk.
- Knowledge of security auditing procedures.
- Enthusiasm for scalable reproducible security management.
- Experience working on applications deployed within Azure is desirable.
- Understanding of DevOps and CI/CD practices and tools.
- Experience with security compliance monitoring tool including SIEM tools vulnerability scanning tools DLP (Data Loss Prevention) PAM (Privileged Access Management) and other infrastructure security tools.
- Knowledge of GRC and risk assessment tools (Archer or OneTrust preferred).
- Industry certification preferred in one of the following areas: (e.g. CISSP CISM CRISC or CISA).
- Familiarity with standards such as ISO 27001/27002 or the NIST Cybersecurity Framework is desirable.
- Knowledge of current data privacy laws (CCPA GDPR)
- Excellent verbal and written communication skills and excellent time management abilities.
- Strong customer orientation and excellent interpersonal and communication skills.
EDUCATION AND EXPERIENCE
- Bachelors Degree preferred
- Minimum 7 years of experience working with security frameworks and implementing cyber security controls across a heterogenous environment.
- Experience with public cloud architecture cloud strategy networking security and compliance workload types
PROFESSIONAL CERTIFICATION
Professional certification may be required in some areas.
PHYSICAL REQUIREMENTS
- Job may require extended sitting or standing use of standard office equipment
- Job requires the ability to use vision adjust focus and work on a standard computer screen
- Use of audio-visual equipment is required
- Job may require presence on-site at the assigned work location
MUST COMPLETE PI ASSESSMENT IN ORDER TO BE CONSIDERED FOR THE POSITION:
At Crane we believe in providing our employees with excellent benefits at a Great Place to Work.
We offer:
- Quarterly Incentive Plan
- 136 hours of Paid Time Off which equals 17 days for the year that can be used for Sick Time or for Personal Use
- Excellent Medical Dental and Vision benefits
- Tuition Reimbursement for education related to your job
- Employee Referral Bonuses
- Employee Recognition and Rewards Program
- Paid Volunteer Time to support a cause that is close to your heart and contributes to our communities
- Employee Discounts
- Wellness Incentives that can go up to $100 per year for completing challenges in addition to a discount on contribution rates
Come join the leader in logistics and take your career in the right direction.
Disclaimer:
The above statements are intended to describe the general nature and level of work being performed by people assigned to this position. They are not to be construed as an exhaustive list of all responsibilities duties and skills required of personnel so classified. All personnel may be required to perform duties outside of their normal responsibilities from time to time as needed.
The physical demands described here are representative of those that must be met by an employee to successfully perform the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
We maintain a drug-free workplace and perform pre-employment substance abuse testing.
This position requires the final candidate to successfully pass an E-Verify Check.
More Information: benefits are contingent upon meeting eligibility requirements and plan conditions.
Required Experience:
Senior IC
Employment Type
Full-Time
