2017-10-25 2017-11-22

Business Information Security Advisor (557677)

Atlanta, GA 30319
  • Job Code
    584427

Job Purpose:


The Business Information Security Officer (BISA) is responsible for assisting with Information Security initiatives to align with the Corporate Security Standards. This position will provide security and compliance expertise, working with technology, the business, and legal teams to process requests and assist with developing secure solutions. The ideal candidate will coordinate security projects for company automotive products. These projects include, but are not limited to: network and application security vulnerability remediation efforts; providing security guidance to technology and the business; ensuring daily operational security and risk tasks are resolved; partnering to develop business continuity and disaster recovery documentation and participating in the BCP/DR test activities; and providing support for customer security audits and audit findings. The Business Information Security Advisor (BISA) also ensures compliance with legal, regulatory and contractual security obligations, and assists with the development and implementation of security process improvements to drive security and risk mitigation efforts.


Key Responsibilities:


Works under the direct guidance of the Sr. Manager, Information Security of Retail Solutions to ensure adoption and compliance with Corporate Security Standards while enabling business success.


Periodically perform risk assessments of the division group applications, systems and business processes to verify compliance with the Security Standards and prioritize the remediation of gaps based on risk to the organization. Coordinate the remediation of all gaps identified.


Assist with facilitation and management of customer security audits and requests. Complete security compliance questionnaires and provide requested documentation to customers in a timely manner. Coordinate and host customer onsite audits as necessary. Coordinate and manage remediation efforts, if any, as a result of these audits.


Oversees application and system/network security vulnerability assessments and coordinates remediation efforts for the group web site applications and systems.


Provides security guidance for new projects to ensure security best-practices are implemented and that projects are developed in compliance with Corporate Security Standards.


Assist with subpoena requests and handling depositions working with internal/external Legal Counsel.


Addresses findings from quarterly access reviews.


Administrates and maintains security log system and ensures logging standards are implemented with new F&I applications.


Coordinates with the technology and business areas to ensure they maintain disaster recovery and business continuity plans and procedures for the division suite of solutions. Assists with disaster recovery testing efforts for customer-facing web site applications.


Meets as scheduled, or as needed, with various departments (e.g., IT, Audit, Legal) to provide updates and information on security issues. Also responsible for responding to requests for information to support compliance initiatives.


Qualifications:



  • BA/BS Degree, preferably formal studies in Computer Science or Information Systems or equivalent
  • 5-10 years' experience in IT Security, Risk and/or Compliance or equivalent
  • Understanding of web-based applications, infrastructure, and architecture
  • Strong MS Office skills with Excel and Access
  • Ability to work in a fast-paced and dynamic environment
  • Ability to work in a team and independently to fix issues with little or no supervision
  • Excellent organizational, project management and follow-up skills
  • Ability to build effective working relationships at all levels of the organization
  • Ability to explain risk, prioritize remediation efforts against other projects and effectively influence teams to focus on successful completion of security projects.
  • Establish effective working relationships at all levels of the organization
  • Excellent communication skills


Desired Skills or Certifications:


CISA, CISSP, CISM, or other security certification(s).

Categories

  • Information Technology

Randstad utilizes a technology-driven focus with a human touch to provide better staffing and business solutions to organizations around the world. Our team of experts match professionals with available career opportunities in a variety of fields.
