Security Assessment Senior Specialist

Security Assessment Senior Specialist

Vacancy expired!

At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.

At Northwestern Mutual, we believe relationships are built on trust. That our lives and our work matter. These beliefs launched our company over 160 years ago. Today, they're just a few of the reasons why people choose to build careers at Northwestern Mutual.

We're strong and growing. In a company with such a long and storied history, this may be the most exciting and meaningful time to be a part of Northwestern Mutual. We're strong, innovative and growing.

We invest in our people. We provide opportunities for employees to grow themselves, their career and in turn, our business.

We care. We make a positive difference in our communities. Nationally, thousands have benefitted from our support of research and programs to fight childhood cancer. Each year, our Foundation, employees and financial representatives donate time, talent and financial support to causes they're passionate about.

We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

What's the role?

Here at Northwestern Mutual we are looking for a Security Assessment Senior Specialist to join our Security Assessments Team to focus on our Vendor Information Security Assessments to identify and address Third Party Gaps.

Primary Duties & Responsibilities:

• Accountable for operating and improving processes to provide initial assessments, reassessments and ongoing monitoring of control coverage to ensure compliance with information protection policies and standards.
• Accountable for assessing and evaluating common processes and controls to determine compliance with information protection policies and standards and ensure effective management of gap analysis.
• Accountable for consulting and advising on the appropriate design of information protection controls and control monitoring to comply with information protection policies and standards and demonstrate ongoing compliance with information protection policies and standards.
• Accountable for executing upon the information security assessment programs and projects which may include: evaluating vendor security, advising on purchase and investment decisions, establishing appropriate monitoring of information protection controls, evaluating operational effectiveness of information protection controls, and evaluating noncompliance issues.
• Accountable for operating and improving processes to document, report, and manage assessments, findings, exceptions to standards, and identified gaps to ensure that appropriate action plans are created and executed to remediate deficiencies and risks.
• Accountable for mentoring new team members, answering questions from embedded risk engineers and other staff members on aspects of the information security assessment program and specific processes to ensure behaviors and outcomes that support information protection, privacy, and data security, and drive consistency, quality, and productivity of deliverables.
• Accountable for advising on noncompliance issues to make appropriate investment decisions.

Qualifications:

• Bachelor's degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS or related field; or related work experience beyond the minimum required.
• Minimum of 3 years of professional experience
• One or more years of experience in information systems or systems audit with a demonstrated knowledge in technologies and processes
• Demonstrated flexibility to adjust to changing business needs by effectively managing and prioritizing concurrent assignments
• Demonstrated ability to independently identify and resolve critical issues through effective problem-solving skills
• Strong ability to develop and leverage relationships
• Ability to effectively influence and negotiate with internal and external partners
• Excellent communication skills focused on facilitation of meetings
• Ability to deliver informative, well-organized documentation and ability to effectively communicate in difficult and/or sensitive situations
• Assessment experience required - Security Assessments, Risk Assessments, Vendor Assessments, Compliance Assessments
• Knowledge of NIST framework
• Experience with Data tagging, Data flows, etc. desired
• Ability to recommend mitigating controls for various security gaps desired
• Ability to assess designs for control gaps desired

#LI-POST

Grow your career with a best-in-class company that puts our client's interests at the center of all we do. Get started now!

W e are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.

If you work or would be working in Colorado or outside of a Corporate location, please click here for information pertaining to compensation and benefits.