Sr. Cyber Security Governance and Compliance Engineer 

OVERVIEW

Buchanan Technologies (www.buchanan.com) is seeking for Contract candidates /applicants for assignment to our client.

As a Sr Cyber Security Governance & Compliance Engineer, you will work as part of the Systems & Information Security Team with a primary focus on security assessments for new business initiative, risk management, and development of policies and standards.

You will be responsible for the review of new business, and security, initiatives, and work with internal stakeholders and vendors to assess compliance with industry best practices and internally defined standards. Additionally, you will be required to perform contract/master service agreement reviews to ensure compliance with standards and to identify potential risk. Development of security policies and standards documents will also be a responsibility of this position, along with the development and maintenance of a Risk Management program.

RESPONSIBILITIES

Reviews requests for new business, and security based, requests and identify compliance with internal standards and industry best practices. This will include identifying and communicating risks as well as making recommendations around addressing those risks. An output of this responsibility will also be identifying which components of the initiative will depend on deliverables from the security team so the project can be properly resourced.

Reviews Contracts and Master Service Agreements with vendors to ensure industry best practices are being followed and any risks are identified and recorded.

Conducts ongoing development and maintenance of a cyber risk management framework.

Development of Security policies and standards which are in line with NIST and other industry best practices.

QUALIFICATIONS

Education/Knowledge

Bachelor's degree, or diploma, in computer science, information technology, cyber security, risk management, or equivalent discipline

Certifications in one or more of the following:

Certified Information Systems Security Professional (CISSP)

Certified Information Security Manager (CISM)

Certified Information Systems Auditor (CISA)

Certified in Risk and Information Systems Control (CRISC)

CompTIA Security+

Experience

5 years, or more, of relevant work experience in cybersecurity, risk management, or a related field.

Practical experience in Risk Assessment and Mitigation, Security Architecture Design, Incident response and management, and Governance/Compliance management

Practical experience with secure architecture around Azure and On-Prem solutions

Strong analytical and problem-solving skills, along with strong verbal and written communication skills

Ability to work independently and as part of a team in a fast-paced, high-pressure environment.

Attention to detail and strong organizational skills.