Key skills
ServiceNowSplunkCommunicationCollaborationNetwork Security
About this role
Role Overview
- The Information Security Engineer III serves as a member of the NIST CISO Audit & Assurance team.
- Assist in the performance of internal audits, ensuring compliance with applicable Conduent and ISO security standards, regulations, and policies.
- The NIST security resource is accountable for procedures and processes that ensure integrity, confidentiality, and availability of assigned Business units’ information, applications, and infrastructure.
- Perform routine risk assessments, security audits, and vulnerability scans to identify, evaluate, document, and remediate organization risk, control gaps, and vulnerabilities.
- Responsible for developing security reports, recommendations, and security policies and procedures.
- Perform log collection, correlation, reviews, archival, retention, and monitoring of automated alerts.
- Participate and be an integral component of audit, compliance, and regulatory functions.
- Support the creation of business continuity/disaster recovery plans.
Requirements
- CIPP, CRISC, CISA, CISSP, CISM, ISO or any security/IT audit certification is a plus.
- Minimum of Five (4 to 5) Years of experience in IT Security, or Security Auditing is required.
- Knowledge and understanding of security controls across all security domains, such as access management, encryption, vulnerability management, authentication, authorization, network security, physical security, etc.
- Ability to identify security risks in application, system, and network architecture, data flow, and processes or procedures.
- Ability to assess the organizational impact of identified security risks and recommend solutions or mitigating controls.
- Knowledge of security technologies, devices, and countermeasures, as well as the threats they are designed to counter.
- Experience with developing security reports, recommendations, policies, and procedures that are meaningful, defensible, and actionable for a variety of audiences.
- Familiarity with more than one framework (NIST 800-series, ISO 27000-series, PCI DSS and ISO, HIPAA, HITRUST, FISMA, FedRAMP other common security control frameworks).
- Experience in PowerPoint, Word, Excel; experience with Visio and MS Project.
- Communication skills (interpersonal, verbal, presentation written, email). Experience to write report segments and to participate in presentations.
- Familiarity with security, workflow, and collaboration tools such Nessus Tenable, Splunk, SharePoint and ServiceNow (Snow) is a plus.
- Positive attitude, team player, self-starter; takes initiative, ability to work independently and effectively with all levels of staff and management both internally and externally.
Tech Stack
- ServiceNow
- Splunk
Benefits
- Health & Welfare Benefits: Comprehensive plans tailored to your needs, effective from day one.
- Retirement Savings: Robust programs to help you secure your financial future.
- Employee Discounts: Access to a wide range of discounts on merchandise, services, travel, and more.
- Career Growth Opportunities: Paths for advancement within a global organization.
- Paid Training: Learn while you earn with award-winning learning platforms.
- Paid Time Off: Competitive PTO packages to help you recharge.
- Great Work Environment: Join an award-winning culture that values diversity and inclusion.