Jobs

Apply for job

Manager and Senior Manager, Global Information Security Guardrails Assessments  *REMOTE*

Manager and Senior Manager, Global Information Security Guardrails Assessments  *REMOTE*



Our direct client, a global firm, seeks two experienced consultants to join their team for a long-term (12-24 months) contract to design and implement a new Security Guardrails Assessment program, for cloud security.  One role is a Sr. Manager, who will be more of the Program Manager and provide overall scope and direction and handle senior-level communications, and the other is a Manager role, to work with the Sr. Manager, handle several modules of the program.   For the Sr. Manager we are looking for 5+ years' experience with cloud assessments, and and for the Manager, a minimum of 2 years' experience with cloud/security assessments.  



This position is fully remote, candidate should be prepared to work primarily East Coast US hours, and attend global calls from time to time outside of normal hours

Role summary for the Sr. Manager role – the Manager position is similar, just handling less scope and requiring less overall program leadership experience:  

 Design the framework for, perform and monitor execution of assessments of cloud platforms against the Global Information Security Guardrails as well as overall risk treatment plan monitoring.

– Prepare and deliver management reporting for the program efforts across several workstreams.

– Contribute to program strategy and roadmap development.

– Contribute to the Governance, Risk, and Compliance (GRC) technology solution implementation, maintenance and enhancements and oversee support resources.

– Lead training and awareness materials on cloud guardrails, collaborate with other global, regional and local group for these efforts

-Monitor response to program inquiries, solution challenges and enhancement suggestions for the program.

– Manage the maintenance and enhancement of the GCSG program framework, materials, process and procedures.

 

Experience & knowledge

•             Strong experience planning, executing, managing and reporting skills for information protection assessments of cloud platforms

•             Good understanding of cloud security governance (preferably Azure), cloud automation, infrastructure as code (ARM, Bicep, terraform etc.) and policy as code leveraging tools such as Azure Policy, Blueprints, Azure Resource Graph etc.

•             Good experience with Governance, Risk, and Compliance (GRC) technology solutions, ServiceNow IRM a plus.

•             Good communicator, strong presentation skills, comfortable presenting to management on ongoing activities as well as strategy.

•             Methodical approach to work, attention to detail, and delivery of high-quality results.

•             Strong ability to multitask and work independently within a global team.

•             Experienced working in multicultural environments and sensitive to different business cultures.

•             Excellent spoken and written / report writing skills in English, other language skills a plus

•      In depth skills in planning, executing and reporting on management and /or assessments of cloud platforms, providing feedback for risk treatment planning as well as monitoring and reporting on remediation progress.

 

Skills: Technical skills, abilities & qualifications: Bachelor's degree in a related field (e.g. Computer Sciences, Computer Engineering, Information Technology and Security).

-Minimum 8 years of experience, with at least 4 years of information security management and/or assessment experience (2+ Years for the Manager position) and practical cloud security experience within a corporate environment (global companies preferred).

-Cloud technology and security certifications a plus (e.g. Microsoft Azure Solutions Architect Expert, Azure Security Engineer Associate, Microsoft DevOps Engineer Expert, CCSK, CISSP, CCSP, CISA, CEH, OSCP).

-In-depth knowledge of cloud security architecture, governance and management across several cloud service models (IaaS, PaaS etc).

– Experience working with Governance, Risk, and Compliance (GRC) technology solutions, such as ServiceNow.

-Strong communication and reporting skills, proven ability to discuss with both business and technology management.

-Fluent in English and able to travel periodically on business assignments (approx. 10%)



-Good understanding of industry leading practices and standards on information technology and cloud security, including NITSO 800-53, ISO 27001 and 27017, and cloud platform governance tools for Azure (e.g. Azure Policy, Blueprints, Azure Resource Graph etc.).

-Strong ability to develop and deliver training and communications for technology security requirements and guidelines topics.



– Program framework and materials maintenance ensuring alignment with internal and external references.

 

Education: Bachelor's degree in a related field (e.g. Computer Sciences, Computer Engineering, Information Technology and Security) 

Job ID: 4886

  • Accepted file types: docx, doc, pdf, rtf, wps, txt, html.
Chat with a recruiter

Can't Find The Job You're Looking For?

Share this Opportunity?