Business Operations Security Analyst

Detalles de la oferta

BUSINESS OPERATIONS SECURITY ANALYST Aurora, CO - Need Locals Summary: The Information Security Office (ISO) is seeking a professional with information security, technology risk assessment, technology audit, or legal experience to join our team.
Business Operations Security Analysts work within the ISO's Engagement team but are embedded within city departments to evaluate and consult on information security and privacy risk of business drivers and technology.
This position will engage all levels of the business to identify risk and work directly with business leadership and the CISO to design and execute on remediation projects and build processes that will support the CAO's compliance with industry, legal, as well as policy, security, and privacy requirements.
The role will report to the CISO, with a dotted line of responsibility to the department head.
This role will work with the City Attorney's Office (CAO) directly and will lead the Risk & Compliance team in fulfilling Colorado Open Records Act and eDiscovery requests on behalf of the IT Department.
This position is a senior-level analyst position due to experience required in building a program, strong interpersonal and documentation skills required, and preference for CAO experience.
WHY WORK FOR THE CITY OF AURORA?
Work flexibility including on site, hybrid, and telework options Competitive total compensation package Well-Funded General Employees Retirement Plan Light rail station minutes away On-site fitness center and overall employee well-being programs Internal educational programs to assist with career advancement You will work with 20 vastly different business lines within a City that is aggressively innovating around its technology and business strategies.
chance to make a difference.
You're not protecting a dollar, you're protecting people DAY TO DAY EXPECTATIONS?
HE'll build the foundation for the City's Information Security Office's Engagement division.
You'll drive adoption of good security hygiene practices by building strong business relationships, understanding the business risk and needs, collaborating with the business as a trusted subject matter expert to support them as they adopt innovative technologies.
He'll drive education and awareness for the business, industry, and our community through the development of training materials/content and delivery of training to staff as needed.
He will work with CAO leadership and the CISO to develop metrics and reporting, as well as quarterly Customer Business Reviews (CBRs) to inform the business and ISO on program efficacy and effectiveness, as well as identify risks and solutions.
He will manage the open record requests and eDiscovery hold requests for the IT department and engage the CAO and business stakeholders to ensure successful response to requests.
He will work with CAO leadership and the CISO in development and execution of their business strategies and roadmaps, identifying requisite security control requirements, forecasting implementation costs, TCO, ROI and the level of effort to implement and sustain.
He will perform security and privacy risk assessments of CAO infrastructure and provide reporting of findings and recommendations for resolution.
You will track risk findings and support the CAO, Security Operations, Enterprise Infrastructure and Public Safety teams to properly address.
He will be the subject matter expert (SME) for security during internal and external audits, working with the CISO, Risk and Compliance, and CAO leadership to ensure audit requests are fulfilled and findings addressed.
He will regularly engage the CAO, Security Operations, Enterprise Infrastructure and Enterprise Applications teams to resolve issues and be a champion of business change to ensure good security hygiene is foundational to everything you do.
The successful candidate will be able to translate legal and regulatory technical requirements into business language.
He will work alongside the Security Operations and Risk & Compliance divisions to ensure existing ISO platforms are deployed, tuned, and effective in meeting governance requirements.
You will be a key member in the design and implementation of security controls to meet this objective.
He will perform ongoing learning and research to identify new technology and ensure the ISO is prepared to address and secure those technologies.
This position will report directly to the CISO but will have a dotted line reporting to the City Attorney or their designee.
He will be responsible for evaluating the CAO's systems, policies, and processes to ensure compliance with the requirements and standards applicable to securing the CAO's business.
Stay up to date with relevant legislation, industry standards, and best practices.
Respond to emergencies and other incidents as required and participate in investigations and remediation efforts.
He will support CAO leadership as they develop technology strategy, including liaise with IT and ISO colleagues to help the CAO drive innovative change in technologies and processes, and ensure the architecture is developed with security-by-design methods to meet compliance and business requirements for confidentiality, availability, and integrity.
He will meet regularly with CAO leadership to understand the department's needs and current and future needs.
Minimum Qualifications: Education: Bachelor's degree OR four (4) years of directly relatable experience OR a combination of both equal to four years.
Experience: Required Experience and Skills: He will have an extensive background in information security.
Experience in regulatory compliance or legal practice.
Must be a self-starter and a life-long learner.
Must be a critical thinker who believes security can be an enabler of business.
Well-developed interpersonal and communication skills.
Conflict resolution skills.
Strong documentation skills Strong communication skills Excellent analytical, problem-solving, and decision-making skills.
Preferred Experience and Skills: He will preferably have prior experience performing security for a law firm or other legal organization.
Prior experience using Microsoft Purview.
eDiscovery experience Risk assessment experience.
Knowledge of cloud-based technology Experience in IT audit Experience in technical writing and/or report writing n applicable security certification such as CISSP, CISA, Security, or comparable.
n applicable privacy or legal certification or comparable education


Salario Nominal: A convenir

Fuente: Appcast_Ppc

Requisitos

Desarrollador Comercial Trade Pereira

Somos una compañía colombiana con más de 118 años de historia, acercamos a los colombianos a productos que enriquecen su vida cotidiana, generando impacto po...


Casa Luker - Risaralda

Publicado a month ago

Asesor Principal Go Big

Objetivo del Rol: Desarrollar los procesos de venta y posventa para todos los productos del portafolio Móvil y Home, buscando una experiencia de cliente que ...


Colombia_Movil_S.A_Esp - Risaralda

Publicado a month ago

Trabajo Desde Casa Analista De Negocios

Trabajo desde casa analista de negocios Sistemas y Tecnología Ingeniería de sistemas Computación / Otras Acerca de la compañía: BairesDev es una premiada com...


Bairesdev S.A. - Risaralda

Publicado a month ago

Work From Home Work From Home Executive Assistant

Work from Home Executive Assistant At BairesDev, we've been leading the way in technology projects for over 15 years. We deliver cutting-edge solutions to gi...


Bairesdev S.A. - Risaralda

Publicado a month ago

Built at: 2024-11-23T12:31:05.189Z