Senior Information Security Advisor Job Description
Senior Information Security Advisor Duties & Responsibilities
To write an effective senior information security advisor job description, begin by listing detailed duties, responsibilities and expectations. We have included senior information security advisor job description templates that you can modify and use.
Sample responsibilities for this position include:
Senior Information Security Advisor Qualifications
Qualifications for a job description may include education, certification, and experience.
Licensing or Certifications for Senior Information Security Advisor
List any licenses or certifications required by the position: CISSP, CISA, CISM, INFOSEC
Education for Senior Information Security Advisor
Typically a job would require a certain level of education.
Employers hiring for the senior information security advisor job most commonly would prefer for their future employee to have a relevant degree such as University and Bachelor's Degree in Computer Science, Engineering, Information Security, Education, Information Technology, Management, Technology, Information Systems Management, Information Management, Technical
Skills for Senior Information Security Advisor
Desired skills for senior information security advisor include:
Desired experience for senior information security advisor includes:
Senior Information Security Advisor Examples
Senior Information Security Advisor Job Description
- Evaluate implementation of new technologies / processes and agreements with third-party service providers to ensure continual compliance with regulatory requirements
- Payment Card Industry Data Security Standard (PCI DSS) assessments
- Customer Security and Privacy audits
- Responding to RFPs about data protection, trust services, our attestations
- Customer Contract reviews and negotiations regarding data protection clauses, related regulations and compliance commitments
- Operates and manages processes/tools to execute key Access Management controls
- Project Management of information security implementation projects
- Project Management of business impact analysis and development of business continuity and disaster recovery plans
- Information security risk assessments and creation and maintenance of the framework for information security risk management
- Coordination between different expert groups within GSS IT and key business stakeholders for information security related topics
- 6+ years work experience in Information Technology or related discipline
- 4+ years working in a matrixed corporate environment
- Strong ability to work within a matrixed corporate environment
- Strong knowledge of risk, control, budgets, process and loss costing
- Strong knowledge and experience in relevant industry data sources, standards, data analysis tools and techniques
- MetricStream, BWise)
Senior Information Security Advisor Job Description
- Contribution to compliance projects in relation to EU GDPR
- Continuously improvement of GSS IT’s information security management system (ISMS)
- Work with dedicated, competent and highly specialized colleagues in an international environment
- Connect with our business areas to understand a quickly changing business environment
- Learn more every day, on the job and through training\
- Enjoy a flexible working environment, attractive pension and insurance schemes, 30 days of annual vacation and social activities
- Act as the subject matter expert for the SIEM solution
- Work with an internal and external teams to ensure all necessary logging sources are reporting to the SIEM
- Leads system and network architecture support for information and network security technologies
- Leads development and execution of risk assessment methodologies to fit business, regulatory, and technical environment considerations
- CISSP, CISA, CISM, CA, ITIL and Six Sigma Black Belt or similar certification are preferred
- Good understanding of end-to-end network flows, relevant technologies & protocols (DHCP, RADIUS, DIAMETER, GTP/GTP-C, BGP, SOAP, REST, LDAP, IS-IS, OSPF, etc)
- Hands on experience in VoIP and Video technology protocols
- 5+ years of broad and deep Identity & Access Management experience
- MSc degree in computer science, software development or another relevant field is required
- Provides advice, guidance, and assistance to executive leadership
Senior Information Security Advisor Job Description
- Do risk assessments, threat assessments in the I&T and OT landscapes
- Partner with operations in the execution of compliance checks, both internal and regulatory requirements
- Providing users and management with technical support on matters related to information security such as the criteria to use when selecting and implementing information security controls
- This role will also perform risk assessments on projects being delivered and any new IS-related services being deployed
- Base salary plus additional bonus compensation
- Matching employer contributionsto your retirement savings
- Conduct network forensics, host forensics, log analysis, and malware triage in support of Incident Response investigations
- Monitor information security events to identify potential incidents for remediation
- Lead/Participate in small and large scale security investigations
- Mentor and develop junior members of the I Team
- Acts as a technical advisor for a variety of ADHOC information security projects
- May provide audit support
- Bachelor's degree required OR 4 additional years of related experience in IT or Information Security beyond the minimum required may be substituted in lieu of a degree
- 6 or more years of relevant IT and/or Information Security work experience
- Advanced knowledge of relevant technical discipline
- 5 to 8 years of experience managing/utilizing a SIEM solution
Senior Information Security Advisor Job Description
- Work hand-in-hand with other Security Advisors and all relevant stakeholders to identify, remediate and bring closure to all potential security related threats
- Document incident response SOPs and playbooks
- Event monitoring process and technical improvements
- Participate in Internal/External Compliance Audits
- Produce Weekly/Monthly/Yearly Incident Response KPI/KRI metrics
- Potential involvement in Red Team campaigns
- Identify gaps and recommend improvements to enterprise technology environment across all platforms, with a goal to enhance the overall security posture of Cigna
- Consult broadly with the Business Groups and Enterprise Services using technical expertise to guide and influence implementation of security in wide or high-impact technology decisions and initiatives
- Provide the management team with an in-depth analysis of information security trends, the status of identified risks, penetration testing and vulnerability scan results, security incidents, current work activities, and work completed by the department
- Provide support on IT security events and work with IT and business organization within the Incident Management processes for those events by gathering information for analysis from various internal and external sources
- Requires BS/BA in related field
- Must have a Bachelor’s degree in Information Security, Information Technology, Information Systems Management, Computer Science, Engineering or related field(s) or equivalent demonstrated work experience
- Minimum of 5 years of directly related experience in Information Technology
- Bachelor’s Degree in Information Security, Information Technology, Information Systems Management, Computer Science, or Engineering
- Experience with defense in depth, trust levels, privileges and Permissions experience in application penetration testing
- Professional information security certifications, such as a Certified Information Systems Security Professional (CISSP) or other similar credentials
Senior Information Security Advisor Job Description
- Raise the general level of awareness of information security by providing ongoing outreach using all company communications methods (i.e., articles, townhall and lunch and learn events, presentations to employees, ), issue cybersecurity alerts as needed, and train employees in more depth on information security concepts by developing a corporate wide employee training program that consists of a web-based training module deployed annually
- Provide advanced support for area of responsibility by using knowledge of both Information Security concepts, communications and awareness concepts, overall corporate business goals senior management Information Security goals
- Foster growth in security awareness by investigating, researching and identifying new awareness areas for the program in order to enhance the company security practices with the goal of minimizing the overall security risk to the company
- Perform documentation review and enhancement, including the review Information Security team materials for external presentations and speaking engagements
- Real-time threat analysis
- Proactive threat hunting
- Reference and apply Counter Threat Unit (CTU) Intelligence Services
- First point of contact for customer interactions
- Provide Advanced Intrusion Analysis
- Assist with the maintenance and implementation of Director, National Intelligence (DNI)
- Knowledge of Information Security Forum’s Standard of Good Practice, ISO 2700x, or PCI-DSS
- Formal training/certification on Canadian Privacy laws and regulations
- Performs physical site assessments of business partners, provides peer review of work product and deliverables and executes release of information analysis to third party business partners
- 4+ years experience developing and implementing Information Security Applications
- Proficient knowledge of Information Security technical discipline
- Must have advanced verbal and written interpersonal skills in English, especially report writing ability