Information Protection Sr. Advisor - Bloomfield, CT

Information Protection Sr. Advisor  Seeking candidates local to the Bloomfield CT office - during onboarding/training the worker would be required to be onsite 5 days a week and then can move to a 3 day in office schedule. Core hours are 8:30am-5:30pm EST, some flex. No overtime or off hour work.

Duties:
Looking for a Cybersecurity professional to perform security assessments for new and existing IT Systems within the organization.
This is an exciting time to join the security team as we work to continuously develop our program to meet the needs of an Agile IT workforce and further enhance Client's security posture and improve customer experience.
This position requires strong communication abilities, technical expertise in the areas of application, cloud and infrastructure security; the ability to work well in a team; and the ability to multitask and work on assignments independently.
The key responsibilities of the Controls Scoping Adivsor role are as follows:
Pull intake requests from a backlog queue
Engage with internal customers
Meet with the project teams to discuss and document project scope and impacted solution components
Validate data types and classifications
Deliver self-attestation exemption forms and self-assessment questionnaires to project teams
Validation of questionnaires and security artifacts to assess for controls effectiveness
Create risk findings for control deficiencies in a GRC tool
Draft and finalize a summary report of the overall engagement

Skills:
Strong Communication skills, ability to speak to and document risks and possible solutions, and clearly articulate these to the business in laymen's terms if necessary. Ability to speak to security in groups meetings as needed.
5-10 of experience with information security management frameworks (e.g., IS027000, COBIT, NIST 800, etc.) & some regulatory compliance background is a plus.
GRC tool experience and Issues Governance processes is desired.
Working knowledge or understanding of following technologies/protocols/methodologies:
Physical and Virtual Infrastructure
Network Security
Cloud Computing (AWS, Azure, Google, Private)
Containerization
API and Microservices
Static & Dynamic Code Scans
Prisma
OpenStack, ACI, Openshift, Docker
Software Defined Network
Virtualization
 

BS or MA/MS in Computer Science, Information Security, or a related field ir preferred OR equivalent work experience with the preferred certifications outlined below:

Certified Information Systems Security Professional (CISSP), Certified Cloud Information Professional (CCSP), Certified Information Security Manager (CISM), and/or Certified Risk and Information Systems Control (CRISC), Security , Network , etc.