The Security Risk Engineer under direct supervision performs all procedures necessary to ensure the safety of information systems assets and to protect systems from intentional or inadvertent access or destruction. Interfaces with user community to understand their security needs and implements procedures to accommodate them. Ensures that user community understands and adheres to necessary procedures to maintain security. Conducts accurate evaluation of the level of security required. Provides management with status reports.
In addition, this role will support the information security program through data gathering, analysis, and reporting. Review system data for vulnerability scanning and security exception requests. Work with business partners to ensure accuracy of data and communicate compliance with security policy.
A candidate in this role has previous experience with information security programs, understands data gathering, analysis and reporting techniques. Has experience with vulnerability scanning systems like NESSUS or others and is able to coordinate multiple remediation exercises to ensure responsible parties address security concerns. Strong verbal and written communication is also required. Previous experience with Microsoft Excel, pivot charting, and advanced analytics is a preferred.