Security Engineer

Reston, VA

ScienceLogic logo

ScienceLogic

AIOps and IT infrastructure monitoring platform, simplifies and modernizes IT operations for complex, multi-cloud & distributed environments.

What we're looking for...

 

The position will assist with the development, implementation, and execution of an corporate risk management/assessment program including performing risk assessments and contract evaluations for vendors and customers. The position requires a strong understanding of information security controls, including frameworks such as NIST and ISO27001. Additionally, this position requires that the applicant have a strong understanding of the risk frameworks, operational risks, and the execution of risk management processes and governance.

 

What you'll be doing...

 

  • Manage the overall capabilities and operating framework of the Risk Management Program (structure, people, and project delivery processes), articulating the service delivery process, and managing the measurement metrics.
  • Coordinate and perform a full cycle of the third-party security risk management activities, including risk identification, assessment, mitigation, monitoring, and reporting
  • Coordinate and conduct Vendor Risk assessments, review documentation provided (including independent assessments, certifications, pen-test, etc.) and issue reports
  • Coordinate and conduct customer security reviews
  • Collaborate with internal and external auditors to ensure that appropriate controls are installed, operating properly, and being monitored and reported
  • Support inquiries into the cybersecurity program and its operations. Respond to client questionnaires and support client engagements.
  • Understand and keep abreast of emerging technologies and how they can impact the business.
  • Significant experience in collaborating across organizational boundaries and building partnerships across various functions
  • Comply with delivery SLA's and provide periodic status updates including potential risks and delays to the project delivery to project manager. 
  • Support various GRC efforts such as third party due diligence, security awareness and data loss prevention

 

Qualities you possess...

 

  • Bachelor's Degree or equivalent required
  • Applicable certifications are desired
  • 5 years experience in IT audit/Security Assessment/Certification
  • Understanding of third-party risk management techniques, security IT control evaluation, and security control management lifecycle
  • Professional designations preferred: CISSP, CRISC, CISA, CTPRP, CDPSE, Security+, CISM
  • Proven experience in Information Security and Risk Management and/or compliance
  • Prior experience assessing SOC 2 reports is preferred
  • Able to resolve highly complex and technical business problems.
  • Familiarity with GRC tools and 3rd party risk assessment tools
  • Strong understanding of information security principles, architecture, and methodologies (including control design and risk assessment)
  • Solid understanding of IT audit and security control evaluation methodologies
  • Solid understanding and experience with security risk management, covering the full lifecycle of activities, including risk identification, assessment, mitigation, monitoring, and reporting
  • Understanding of COBIT, ISO27000, NIST CSF, SOC 2and/or HITRUST frameworks
  • Knowledge of single sign-on integration with on premise and cloud toolset
  • Knowledgeable of Network Design and Project Management methodologies
  • Highly Organized and Self-Motivated, with Strong attention to detail
  • Excellent written and verbal communication skills
  • Highly Adaptable to changing priorities (high flexibility)

 

About ScienceLogic

 

 ScienceLogic is a leader in IT Operations Management, providing modern IT operations with actionable insights to resolve and predict problems faster in a digital, ephemeral world. Its solution sees everything across cloud and distributed architectures, contextualizes data through relationship mapping, and acts on this insight through integration and automation.

 

www.sciencelogic.com

* Salary range is an estimate based on our salary survey at salaries.infosec-jobs.com

Tags: Automation CISA CISM CISSP Cloud CoBIT Compliance CRISC Governance HITRUST ISO 27000 ISO 27001 Monitoring NIST Risk assessment Risk management SOC 2

Region: North America
Country: United States
Job stats:  5  4  0

Other jobs like this

Explore more Cybersecurity career opportunities

Find open roles in Ethical Hacking, Pen Testing, Security Engineering, Threat Research, Vulnerability Analysis, Cryptography, Digital Forensics and Cyber Security in general, filtered by job title or popular skill, toolset and products used.