Senior Security Specialist - Information Risk - Assurance
Company: Campbells
Location: Camden
Posted on: April 8, 2021
|
|
Job Description:
Imagine...working for a company that knows that its people are
the key to its success in the marketplace. A company in which
achieving extraordinary results and having a stimulating work
experience are part of the same process.We cultivate and embrace a
diverse employee population. We recognize that people with diverse
backgrounds, experiences and perspectives fuel our growth and
enrich our global culture.We are looking for an individual who
enjoys working in a fast-paced, team oriented environment, likes to
be challenged, and values the opportunity to make a difference.The
Senior Security Specialist - Information Risk - Assurance will
support the Information Risk Management program within the
Information Technology - Security Department for Campbell's. -The
Risk Management program will align to the strategy of the Company
while addressing the evolution of changes to the global risk
landscape and evolving technologies.In this role, you will be
responsible for managing the Information Risk - Assurance function
within Campbell's Information Technology - Security Department.
This responsibility will include management of the process for
identification, assessment, and remediation of vulnerabilities,
threats, and configuration issues within systems and applications
in the office and manufacturing environment.As the Senior Security
Specialist, you will be responsible for communicating to key
stakeholders throughout the organization to ensure an understanding
of the current state of Information Assurance objects and that
identified issues are resolved in a timely manner. -This lead role
is a critical function to the overall information security
program.In this role you will report directly to the head of
Information Risk Management.Essential responsibilities will include
but not be limited to:Build upon the application security and
vulnerability mgt program using risk management project methodology
to validate that applications and systems are implemented according
to specified design and industry known standards as established by
OWASP, Center for Internet Security (CIS), Microsoft, others.
(35%)Manage the threat and vulnerability management program to
assess risks and effectiveness of systems currently not within
scope such as: ERP, API's, Network Infrastructure, Manufacturing
Open Source, and security technologies. (20%)In partnership with
department peers, establish and provide KPI's to technical teams,
senior leadership, and third-party organizations to analyze and
report on effectiveness of vulnerability/application security
program and identify opportunities for improvement. (10%) -Track
and report remediation efforts and exceptions (5%)Advise and
support the Head of Information Risk Management, Compliance, and
Assurance in technical security matters related to vulnerabilities
and best path forward (5%).Within context of the existing risk
management framework, expand and manage the DevSecOps program
within the Company for use by internal developers and third parties
to ensure that security processes are effectively implemented
during design, development, and throughout the system lifecycle.
(5%)Establish testing processes for automated testing including
dynamic and static analysis of code in support of secure coding
practices across the Company. (5%)Conduct red-teaming exercises of
3rd party Security Operations Center to verify that detection and
response capabilities are effective. This may also include
overseeing penetration testing on internal and external
applications. (5%)Job Complexity:Correctly balances security risk
and business impact. Interfaces with third parties, business
analysts, internal and external IT Audit groups. -Understand
emerging leading practice for applications including industrial
control systems.Proficiencies in finding defects (before attackers)
and effectively communicating how to resolve.Ability to effectively
communicate risk including corrective action plans /
recommendations to non-technical audiences.Ability to create
effective reports and presentations to communicate technical
concepts to both technical and non-technical audiences.We are
looking for the following abilities and skills:Minimum education
required: - - - -Bachelors of Science DegreePreferred
certifications: - - - - - - - - - CISSP, CISA, CRISCYears of
relevant experience: - - - - -7 + Years. - -Proven experience in
managing an outsourced third-party provider of threat management
services.Proven history of designing and implementing process and
technology for identifying vulnerabilities.A broad cyber-security
skillset, able to assimilate and consider issues from the
technical, and business perspective, supported by a pragmatic
attitude to the implementation of security across multiple business
units.Strong understanding of systems, applications architecture
within office and emerging better practice within IoT (Internet of
Things) / ICS (Internet Connection Sharing) environments.Strong
understanding of Secure Development Practices and development
related systems such as Jenkins, Jira and container
technology.Knowledge of common security vulnerabilities such as
OWASP Top 10, SANS Top 25.Experience in security testing web
applications, mobile applications a significant plus.Experience
with cloud security solutions such as Amazon Web Services (AWS),
Microsoft Azure and/or VMware vCloud and/or Docker.Familiarity with
scripts in languages such as Python, BASH, or PowerShell.Technical
expertise with Information Assurance tools including but not
limited to: Tenable, Qualys, Acunetix, Checkmarx
preferred.Understands emerging better practice for applications
including industrial control systems.Demonstrated ability to learn
on the job and explore new technologies with little supervision to
identify new and emerging security threats.Strong technical,
communication and interpersonal skills.Demonstrated ability to
function in a global environment.Ability to perform in a
challenging, fast-paced technical and business environment.Working
conditionsOffice environment with up to 10-15% travelCSC1The
Company is committed to providing equal opportunity for employees
and applicants in all aspects of the employment relationship,
without regard to race, color, sex, sexual orientation, gender
identity, national origin, citizenship, marital status, veteran
status, disability, age, religion or any other classification
protected by law.In that regard, U.S. applicants and employees are
protected from discrimination based on certain categories protected
by Federal law. Click here for additional information.
Keywords: Campbells, Camden , Senior Security Specialist - Information Risk - Assurance, Other , Camden, New Jersey
Click
here to apply!
|
Didn't find what you're looking for? Search again!
Other Other JobsDirect Support Professional (Weekends- $250 Bonus!) Description: Do you want to work WEEKENDS in the Bucks County, PA area Do you want to make a difference in the lives of individuals with developmental disabilities Then, join our team We are seeking Direct Support (more...) Company: Community Options, Inc. Location: Levittown Posted on: 04/15/2021 Tree Trimmer Description: Looking for a place where you can thrive SavATree s mission is to take our passion for nature and keep this country s outdoors beautiful and flourishing. Through our comprehensive tree, shrub, and lawn (more...) Company: Savatree Location: Levittown Posted on: 04/15/2021 Tree Service Groundsman Description: Looking for a place where you can thrive SavATrees mission is to take our passion for nature and keep this countrys outdoors beautiful and flourishing. Through our comprehensive tree, shrub, and lawn (more...) Company: Savatree Location: Levittown Posted on: 04/15/2021 URGENT: Dog Walking Wanted Description: Hi there my name is Brady. Company: PetSitter Location: Lancaster Posted on: 04/15/2021 Online Advisor Description: Keystone Custom Homes is looking for an exceptional Online Advisor to join our award-winning team as we work to convert unprecedented levels of traffic - from leads, to appointments, to sales The Online (more...) Company: Keystone Custom Homes Location: Lancaster Posted on: 04/15/2021 Tree Trimmer Description: Looking for a place where you can thrive SavATree---s mission is to take our passion for nature and keep this country---s outdoors beautiful and flourishing. Through our comprehensive tree, shrub, and (more...) Company: SavaTree Location: Levittown Posted on: 04/15/2021 Climber-General Tree Care Description: Looking for a place where you can thrive SavATree s mission is to take our passion for nature and keep this country s outdoors beautiful and flourishing. Through our comprehensive tree, shrub, and lawn (more...) Company: Savatree Location: Levittown Posted on: 04/15/2021 Business Development Representative Description: AVAIL Technology SolutionsWe are a Managed IT Services Provider with clients in the Lehigh Valley Company: AVAIL Technology Solutions Location: Lancaster Posted on: 04/15/2021 Groundsman Tree Worker - Hiring Immediately Description: Looking for a place where you can thrive SavATree---s mission is to take our passion for nature and keep this country---s outdoors beautiful and flourishing. Through our comprehensive tree, shrub, and (more...) Company: SavaTree Location: Levittown Posted on: 04/15/2021 Surface Warfare Officer Description: ABOUT America's Navy has the most modern, advanced fleet of ships in the entire world. Surface Warfare Officers SWOs are trained extensively to maintain and operate these ships, their crews and their (more...) Company: Navy Location: Levittown Posted on: 04/15/2021 |