Cyber Risk Specialist

Provides guidance and direction for the protection of information systems assets to other functional units through a structured security review process.Implement and maintain Security tools and platforms such as Secure Service Edge (SSE) (Data Loss Prevention, Cloud Access Security Broker, Secure Web Gateway, Zero Trust Network Access), Privileged Access Management (PAM), Identity Access Management (IAM), Extended Detection and Response (XDR), and Security Awareness Training portals.Design, document, test, maintain, and provide issue resolution recommendations for highly complex security solutions related to networking, cryptography, cloud, authentication and directory services, email, internet, applications, and endpoint security.Engage with key stakeholders cross-functionally ensuring sufficient collaboration and interaction to uncover gaps and blind spots, then remediate those with improved strategies, processes, and controls, and execution of the CIS Control cybersecurity platforms, and solutions.Works on the most complex problems where analysis of situations or data requires evaluation of intangible factors.Identify security vulnerabilities and issues, perform risk assessments, and evaluate remediation alternatives.Collaborate and influence all levels of professionals including managers.Maintains ongoing interactions with Client's Security Vendors and Cyber Security Team Members throughout our respective properties.Experience analyzing cyber vulnerabilities and exposures, assessing system compliance against security controls, and developing risk mitigation plans and strategies.Support the development of security policies, standards and plans to ensure the protection of corporate data against unauthorized use, access, modification, and destruction.Works with stakeholders in the execution of exposure and risk management, information security, and data compliance corporate initiatives across all global business units.Executes computer investigation efforts as requested and authorized by management. Participates in the Change Control Review Process for the purpose of providing Cybersecurity subject matter expertise.Ensures Cybersecurity environment is secure and appropriate recovery and redundancy issues are addressed.Is a top-level technical contributor with advanced knowledge and experience in Cybersecurity and related hardware and software.Maintains a high level of technical expertise and knowledge of current products, to determine which best meet the organization's needs.Presents information to management that may result in purchasing and installing hardware, software, and equipment. Authors and maintains technical and operational documentation for Cybersecurity solutions.Acts as an internal consultant and mentor, providing technical guidance to junior staff.Design: Works with management, peers, and vendors to design and implement hardware/software configurations, logical models, operational management models, and business continuity plans for systems under management.Support: Works with management, peers, and vendors to provide ongoing monitoring, performance tuning, implementation, and fault root cause analysis for systems under management.Training: Provides and receives cross-discipline training in order to ensure proper operation of systems under management and to ensure Service Level Objectives are met.Communications: Communicates effectively verbally, and in written form. Carries and responds to the off-hours communications device, in order to provide 24x7x365 support for systems under management.Continuous Improvement: Actively pursues opportunities, as an individual and as part of a group, to improve knowledge, tools, and processes for systems under management.Minimum Education & Qualifications:Bachelor's Degree in Computer Science, Engineering, Business, or a related field, and four years of progressive Information Technology experience5+ years of experience a Cybersecurity Specialist CISSP or equivalent certification(s) or experience.Experience with SIEM systems, threat intelligence, and behavioral-based systems for monitoring security issues.