Maintain business relationships with appropriate levels of client management to ensure that audit management is aware of changes in business activities and objectives and, if necessary, an audit response is developed.

  • Lead developing the audit work program, in consultation with audit management, for efficient and effective testing of key controls.
  • Foster effectiveness during changes in tasks, work environment or condition affecting your organization.
  • Maintain and create standard operating procedures to further secure client and internal data and empower staff with security education.
  • Provide compliance, risk, and controls expertise to support information security and compliance initiatives.
  • Become skilled at performing security focused application design review, static and manual code review.
  • Make sure that your organization performs forensic analysis and evidence collection of devices and system data in accordance with industry and legal standards for internal investigations and technical security assessments.
  • Ensure you nurture; lead your risk governance process to provide security risk mitigations and input on other technical risks.
  • Arrange that your design participates in disaster recovery and business continuity planning to assure security is maintained during all operations.
  • Use knowledge, creativity, and analytic tradecraft best practices to obtain solutions to complex problems.
  • Make sure that Cybersecurity policies and procedures are kept current and communicated to all personnel and that compliance is enforced.
  • Confirm your organization participates on and leads various security projects to implement new security services, extend, or improve existing services.
  • Manage advanced expertise in Cyber products supporting Data Loss Prevention, EDR, AntiVirus, Perimeter services, threat systems, Cyber platform analytics, SIEM, CASB, CLOUD Security, ETC.
  • Be knowledgeable about encryption technologies, secure communications, and secure credentials management.
  • Promote awareness of security issues among management and ensure sound security principles are reflected in your organizations vision and goals.
  • Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
  • Ensure incidents are escalated to the proper support teams for validation and mitigation based on the identification of possible threats.
  • Capture and perform initial analysis on captured volatile data, log data, captured network traffic data, etc.
  • Help manage your bug bounty program, working with researchers and your engineering teams to fix vulnerabilities.
  • Be certain that your operation gathers, monitors, analyzes and reports observed Cyber threat activity as reported by various public, IT product vendors, security researchers and government threat sources.
  • Lead the deployment, installation, operationalization, and/or maintenance of security products and tools.
  • Help to plan, execute, and report on penetration testing of emerging client solutions through focused threat based methodologies.
  • Assure your operation complies; monitors security system logs as firewall, IDS, and web proxy for unauthorized activity and indicators of compromise.

 

Categories: Articles