Gravity IT Resources
Job Title: CyberSecurity Governance and Assurance Specialist
As a Cybersecurity Governance & Assurance Specialist you are vital to the IT Cybersecurity organization in that you will assist the whole organization in obtaining a sufficient level of information security. In this role you will help enhance, communicate, monitor, and maintain our cybersecurity program, which consist of defining information security related strategies, requirements and controls, security metrics and KPI’s etc. Within this role lies identifying critical information assets such as systems and other critical digital assets, addressing security controls for each critical digital asset as well as enforcing the implementation of attack mitigation activities and maintaining overall governance capabilities.
To succeed in this role, you have a passion for information and cyber security, an understanding of the core business and how information security supports that, a desire to continuously learn and develop, and a positive and service orientated mindset!
The tasks within the Governance & Assurance team will be evolving over time and distributed within the team based on each team member’s competence and, when possible, preferred work task. The primarily responsibilities and duties within this role are thus described on a rather generic level and include for example, but not exclusively, the following.
What You’ll Do:
Cybersecurity Governance & Assurance [90%, Primary Responsibility]:
• Govern and ensure BU alignment with internal governance and key frameworks
• Assist in both external and internal audits
• Research and recommend solutions for ever evolving security landscape
• Provide mentorship (if applicable) to junior team members
• Own & act as SME for multiple Security disciplines
• Serve as escalation point for resolving governance and assurance issues
• Build & maintain customer relationships
• Work with internal stakeholders to answer customer SIG questionnaires
• Participate in Global Cybersecurity discussions and sessions
• Assist in local/global incidents and requests
• Create meaningful relationships across multiple levels
• Stay current on challenges and input from local BU
Continuing Education [10%]:
• Have a passion for learning and always stay current with skills.
• Research emerging information security and cyber threats and mitigation.
• Constantly improve skills required for the position.
• A minimum of three (3) years working with Information Security/IT/Governance/Risk.
• Ability to successfully work independently as well as within a team.
• Experience successfully prioritizing tasks in a fast-paced environment.
• Experience successfully working with others to achieve shared goals
• Experience successfully creating meaningful relationships with colleagues.
• Experience successfully connecting business value with technology solutions.
o 3 to 5 years of related experience working with Information/Cybersecurity
o Certified CISA, CRISC, MGT415, GSLC, CCSP, CISSP, or equivalent
o 3rd party risk
o Risk assessments
o Cybersecurity Frameworks
o Cybersecurity metrics