Cyber Security Compliance & Audit Manager
Company: NJ TRANSIT
Location: Newark
Posted on: August 6, 2022
|
|
Job Description:
Move Forward with us! At NJ TRANSIT, you'll join us in
transforming the third-largest transportation agency in North
America. We are committed to delivering safe, reliable service that
gets our customers to their destinations on time- and we're looking
to hire talented folks with a commitment to excellence. SummaryThe
Manager position will monitor, enforce, and drive continuous
improvement around information security, compliance and risk
governance. Manager will also help to develop a master control
list, including clearly written failure points and testing
procedures that effectively address the risks, controls and
compliance issuesRoles and Responsibilities - Partner with
procurement on the 3rd party risk management program - Work across
multiple business units in an audit, partnership, and compliance
role - Act as the primary contact between technical teams, internal
and external auditors; compiling and preparing artifacts - Assist
with documenting and regularly reviewing security policies,
processes and procedures. - Updates security tools for logging
/monitoring and increasing coverage of existing tools. - Performs
risk analysis for corporate functional and technical areas relevant
to data security. - Collaborate with systems administrators to
configures, implement, monitor, and support security
software/systems that will help ensure compliance with regulatory,
industry, and corporate policies and procedures. This includes but
is not limited to IDS/IPS (Host/Network/Wireless), secure file
transfer, data loss prevention "DLP", Full Disk encryption,
firewall rule assessments, log management/correlation, secure
password storage/retrieval, Application Whitelisting, vulnerability
management, etc. - Ensures security best practices are identified
and integrated into all facets of the project including network,
system designs/configuration, and implementations. - Identifies and
recommend potential areas where existing data security policies and
procedures require change, or where a supplement is required to
mitigate key security risks. Partner with various business units to
enhance security policies/procedures. - Facilitates penetration
testing and audit participation, where applicable. - Recommend and
enforce technical service level standards and procedures for data
security. - Establish alternative security measures to allow for
business continuity while protecting the company's assets. -
Executes programs for user awareness, compliance monitoring, and
security compliance; maintaining information security devices and
software; monitoring compliance procedures; and resolving security
policy issues. - Performs other duties as assigned.This Position
Supervises - Cyber Security Lead Developers - Cyber Security
AnalystsEducation, Experience and Qualifications - Bachelor's
degree in computer science from an accredited college in computer
or similar related field, and/ or 4 years of information security
related experience, in areas such as information security audit,
security operations, incident analysis, incident handling, and
vulnerability management or testing, system patching, log analysis,
intrusion detection, firewall administration and/or network and
host security technologies and products (such as firewalls, Network
IDS, log correlation). - One year of closely related experience can
be substituted for each year of education required. Professional
Security and Risk Certification(s) certification required within 6
months of hire, for example: (CISSP, CISM, CRISC, CSX). Experience
with applying security frameworks within the Software Development
Life Cycle using both waterfall and agile methodologies.
Information technology project management experience using security
concepts for technology systems (for example the OSI model, etc.).
Knowledge and Skills - Demonstrated knowledge of Project Portfolio
Management techniques and best practices. Demonstrated experience
of any of the following: System Administration, Network Design, or
Application Design within a Unix, Linux or Windows environment. -
Demonstrated Knowledge of security standards and compliance
programs using ISO 27001/2 series, NIST 800-53, SOX, PCI-DSS and
COBIT). - Demonstrated ability to lead small teams performing
technical work. Familiarity with IT audits and risk assessments.
Experience in reviewing SOC 1&2 report. - Excellent Leadership
Skills, Critical Thinking and Decision Making. - Excellent
Communication Skills, with the ability to document and present
technical information to a non-technical audience. Ability to work
on tasks with minimal supervision, with attention to detail and
meeting deadlines. Proficient in the MS Office Suite, Outlook &
similar Internet applications - 1 to 3 years supervisory
experienceCertificates, Licenses, RegistrationsN/AWorking
EnvironmentOffice EnvironmentPhysical DemandsNoneOther
ConditionsNoneAt NJ Transit you will enjoy a competitive salary and
excellent benefit package: - Hybrid Work Schedule - Comprehensive
Family Health Insurance - Prescription, Dental, Vision - Flexible
Spending Account - Life Insurance - Paid Leave - 401(a) and 401(k)
Retirement Plans--up to 9% employer contribution - Tuition
Assistance - Qualified Transportation Expense Plan (QTE) NJ TRANSIT
is an Equal Opportunity Employer and a Drug Free Workplace
Keywords: NJ TRANSIT, Newark , Cyber Security Compliance & Audit Manager, Executive , Newark, New Jersey
Click
here to apply!
|