The job below is no longer available.
You might also like
in Duluth, GA
$19est. per hour OneMain Financial • 12d agoUrgently hiring 11 mi Use left and right arrow keys to navigate- $19
est. per hour OneMain Financial • 12d agoUrgently hiring 11.8 mi Use left and right arrow keys to navigate - $29
est. per hour Buffalo Wild Wings • 2h agoUrgently hiring 14.3 mi Use left and right arrow keys to navigate - $18
est. per hour Buffalo Wild Wings • 2h agoUrgently hiring 14.3 mi Use left and right arrow keys to navigate - $54,650.00 - $78,100.00
Verified per year DISH • 2d agoUrgently hiring 5.9 mi Use left and right arrow keys to navigate
Senior Specialist Security and Risk (macys.com) - Full-time / Part-time
•30 days ago
| Hours | Full-time, Part-time |
|---|---|
| Location | 5985 State Bridge Road Duluth, Georgia |
About this job
Job Overview:
The Senior Specialist, Security and Risk will be responsible for the development, implementation, maintenance and execution of the IT Risk process at macys.com. While this is an individual contributor role with no direct reports, the successful candidate will be able to demonstrate the ability to provide effective leadership of initiatives and programs, and provide direction to cross-functional working groups as needed. Perform other duties as assigned. This position reports to the Director of IT Security and Risk Administration.
Essential Functions:
• Provides expertise in managing IT-related risk activities; overseeing and coordinating technical, regulatory, industry and contractual obligations; and influencing related priorities and decisions across the organization. Identifies documents and elevates visibility to information risk. Builds relationships and works directly with system, application and business process owners to achieve this
• Is a trusted advisor and partner in risk-based decision making with business, IT and information security stakeholders. Drives effective IT Risk Management throughout the organization. Assists stakeholders in the maintenance and preparation of clear, detailed and accurate documentation to advise business and IT leaders on the IT security risks of initiatives. Must be responsive to questions and assistance requests from system and application owners and other key stakeholders. Performs formal risk assessments on partner and vendor connections and ensures the business objectives align with risks identified. Utilizes sound judgment to identify and assess risk, materiality, and adequacy of system or application modifications or mitigating controls
• Works with the Director of IT Security and Risk Administration to define, develop and execute a Third Party/Vendor Information Security Risk Assessment program based on the management of information risk, and utilizing mechanisms to track the identification, remediation or acceptance of risk decisions
• Provides regular business updates of risks and security controls for senior leadership and external stakeholders. Produces metrics showing operational compliance with best practices and risk controls and exceptions. Maintains the risk dashboard and monitors risk status. Documents and reports status of agreed upon risk remediation plans, owners and commitment dates
• Provides enforcement of security policies, standards and procedures by working cross-functionally with Compliance and Governance functions within the Macy’s organization
• Assists in the implementation of cybersecurity training, education, and awareness
• Stays current on information security technologies, trends, standards and best practices
• Regular, dependable attendance & punctuality
Qualifications:
Education/Experience:
• Bachelor’s Degree or equivalent experience
• Minimum 5 years’ experience in managing IT risk-related work
• Proven experience identifying solutions for complex problems in enterprise environments
• Working knowledge of IT systems – on-line retail experience helpful
• Industry Certification required, e.g. CISSP, CISA, CISM or equivalent designation
Communication Skills:
• Excellent communication skills (written and verbal) as well as comfortable and experienced in presentation development and delivery
• The ability to appropriately communicate complex security risks to non-technical staff
Reasoning Ability:
• Proven analytical and problem solving ability
• Comfortable coordinating multiple projects concurrently and dealing with rapidly changing priorities in conjunction with day-to-day activities
Other Skills:
• Highly organized, able to address highly detailed technical issues, and to work effectively with multiple application and system teams and stakeholders, in multiple time zones
• Superior interpersonal abilities. Ability to interact positively with diverse personalities; tactful; mature; flexible. Proven persuasion skills
• Must be trustworthy in keeping sensitive data confidential
• Should have a working knowledge of common OS and domain structures, servers, services, and associated vulnerabilities, experience with Windows, Linux, UNIX, etc. hosts, operating systems and applications, and a working knowledge of network engineering and local and wide area (LAN/WAN) technologies and topologies
• Knowledge of cloud deployments and associated risk considerations is highly desirable
• Demonstrated experience using and managing Risk Management tools is an advantage
• Ability to work a flexible schedule based on department and company needs
Company Profile:
As the fastest growing part of Macy's Inc. business, macys.com is achieving record sales and broadening our workforce. With offices in New York and San Francisco, macys.com is the best of all worlds. The entrepreneurial thinking of a Web business complements the stability and support of a national brand. Creativity and ingenuity partner with business acumen and tech savvy to build a unique business poised for continued growth. Employees at macys.com have long term opportunities and are encouraged to utilize their Supervisors and Human Resources for cross-functional movement to further their careers. At macys.com we are committed to giving back to the community by partnering with local charitable organizations. By skillfully combining the power of the Internet with the best in retailing, macys.com is reaching new heights.
This job description is not all inclusive. Macy’s Inc. reserves the right to amend this job description at any time. Macy's Inc. is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.
The Senior Specialist, Security and Risk will be responsible for the development, implementation, maintenance and execution of the IT Risk process at macys.com. While this is an individual contributor role with no direct reports, the successful candidate will be able to demonstrate the ability to provide effective leadership of initiatives and programs, and provide direction to cross-functional working groups as needed. Perform other duties as assigned. This position reports to the Director of IT Security and Risk Administration.
Essential Functions:
• Provides expertise in managing IT-related risk activities; overseeing and coordinating technical, regulatory, industry and contractual obligations; and influencing related priorities and decisions across the organization. Identifies documents and elevates visibility to information risk. Builds relationships and works directly with system, application and business process owners to achieve this
• Is a trusted advisor and partner in risk-based decision making with business, IT and information security stakeholders. Drives effective IT Risk Management throughout the organization. Assists stakeholders in the maintenance and preparation of clear, detailed and accurate documentation to advise business and IT leaders on the IT security risks of initiatives. Must be responsive to questions and assistance requests from system and application owners and other key stakeholders. Performs formal risk assessments on partner and vendor connections and ensures the business objectives align with risks identified. Utilizes sound judgment to identify and assess risk, materiality, and adequacy of system or application modifications or mitigating controls
• Works with the Director of IT Security and Risk Administration to define, develop and execute a Third Party/Vendor Information Security Risk Assessment program based on the management of information risk, and utilizing mechanisms to track the identification, remediation or acceptance of risk decisions
• Provides regular business updates of risks and security controls for senior leadership and external stakeholders. Produces metrics showing operational compliance with best practices and risk controls and exceptions. Maintains the risk dashboard and monitors risk status. Documents and reports status of agreed upon risk remediation plans, owners and commitment dates
• Provides enforcement of security policies, standards and procedures by working cross-functionally with Compliance and Governance functions within the Macy’s organization
• Assists in the implementation of cybersecurity training, education, and awareness
• Stays current on information security technologies, trends, standards and best practices
• Regular, dependable attendance & punctuality
Qualifications:
Education/Experience:
• Bachelor’s Degree or equivalent experience
• Minimum 5 years’ experience in managing IT risk-related work
• Proven experience identifying solutions for complex problems in enterprise environments
• Working knowledge of IT systems – on-line retail experience helpful
• Industry Certification required, e.g. CISSP, CISA, CISM or equivalent designation
Communication Skills:
• Excellent communication skills (written and verbal) as well as comfortable and experienced in presentation development and delivery
• The ability to appropriately communicate complex security risks to non-technical staff
Reasoning Ability:
• Proven analytical and problem solving ability
• Comfortable coordinating multiple projects concurrently and dealing with rapidly changing priorities in conjunction with day-to-day activities
Other Skills:
• Highly organized, able to address highly detailed technical issues, and to work effectively with multiple application and system teams and stakeholders, in multiple time zones
• Superior interpersonal abilities. Ability to interact positively with diverse personalities; tactful; mature; flexible. Proven persuasion skills
• Must be trustworthy in keeping sensitive data confidential
• Should have a working knowledge of common OS and domain structures, servers, services, and associated vulnerabilities, experience with Windows, Linux, UNIX, etc. hosts, operating systems and applications, and a working knowledge of network engineering and local and wide area (LAN/WAN) technologies and topologies
• Knowledge of cloud deployments and associated risk considerations is highly desirable
• Demonstrated experience using and managing Risk Management tools is an advantage
• Ability to work a flexible schedule based on department and company needs
Company Profile:
As the fastest growing part of Macy's Inc. business, macys.com is achieving record sales and broadening our workforce. With offices in New York and San Francisco, macys.com is the best of all worlds. The entrepreneurial thinking of a Web business complements the stability and support of a national brand. Creativity and ingenuity partner with business acumen and tech savvy to build a unique business poised for continued growth. Employees at macys.com have long term opportunities and are encouraged to utilize their Supervisors and Human Resources for cross-functional movement to further their careers. At macys.com we are committed to giving back to the community by partnering with local charitable organizations. By skillfully combining the power of the Internet with the best in retailing, macys.com is reaching new heights.
This job description is not all inclusive. Macy’s Inc. reserves the right to amend this job description at any time. Macy's Inc. is an Equal Opportunity Employer, committed to a diverse and inclusive work environment.