Logo

Search Our Jobs

Search Remote Jobs

If searching for a remote/work from home position, please conduct your search by State or click “Search Remote Jobs”

Sr. Information Security Consultant in New York at QBE

Date Posted: 7/6/2018

Job Snapshot

  • Employee Type:
    Full-Time
  • Location:
    New York
  • Job Type:
  • Experience:
    Not Specified
  • Date Posted:
    7/6/2018

Job Description

Maintain information security by ensuring compliance to standard policies and procedures, identifying opportunities for operational improvement, identifying and mitigating security risks, monitoring the information security market for additional tools, resources and enhancements and defining and communicating security standards.

Primary Responsibilities:


  • Monitor adherence to information security policies, process and procedures; maintain information security documentation and reporting to demonstrate that information security management is effective and integrated with other Information Technology (IT) processes
  • Ensure operational effectiveness and efficiency by reviewing and evaluating information security practices, identifying and recommending opportunities for improvement and acting on key issues that may impede information security to maintain process integrity
  • Define, communicate and monitor standards and quality criteria for information security to provide to relevant stakeholders to assure consistency, alignment and a full audit trail
  • Assess and develop a long term log management and data retention plan for all devices
  • Assist in measuring compliance against minimum security baselines using a combination of manual and automated methods; work with application and server teams to remediate identified gaps
  • Research and monitor information security market intelligence for optimal monitoring and reporting tools, techniques and enhancements available to help manage security compliance in a multi-vendor environment
  • Ensure adherence and compliance to information security practices, customer service principles and service level agreements
  • Contribute to the plan and delivery of information security solutions to support achievement of strategy and risk management objectives
  • Select and analyze security products to determine the viability and quality of the product and ensure it meets business requirements; prepare corresponding business cases to assist in the justification of provided solutions
  • Contribute to the development and maintenance of systems for data classification to support data security objectives
  • Perform vulnerability assessments including penetration testing and firewall reviews; provide risk assessment, analysis and recommendations by identifying and mitigating potential threats
  • Collaborate with architecture, engineering and operations to tightly integrate real time security monitoring; participate in planning and enterprise architecture optimization
  • Manage and work with vendors to troubleshoot issues, problems and enhancements
  • Provide oversight and mentoring in secure coding practices within application development teams to maintain consistency and increase the knowledge sharing framework
  • Contribute to a positive work environment by demonstrating cultural expectations and influencing others to reward performance and value “can do” people, accountability, diversity and inclusion, flexibility, continuous improvement, collaboration, creativity and fun
  • Adopt QBE values in personal work behaviors, decision-making, contributions and interpersonal interactions; manage own career development by soliciting feedback and valuing other perspectives

Education

  • Bachelor’s Degree or equivalent combination of education and work experience

Experience

  • 5 years relevant experience performing information security assessments in a complex information technology environment

Licenses/Certifications

  • CISSP, CISM, CISA, CERT, Cisco, SANS

Knowledge

  • Working knowledge of process management and continuous improvement methods and techniques
  • Working knowledge of legislative and regulatory compliance
  • Applied knowledge of industry best practices associated with information security
  • Broad understanding of technical architecture and different platforms used within a business
  • Knowledge of risk assessment procedures, policy information, role-based authorization methodologies and authentication technologies

Skills

  • Develop and maintain effective working relationships with key stakeholders to share knowledge and ensure consistency
  • Identify and prioritize gaps to contribute to the development and maintenance of IT security risk and/or control framework
  • Understand and improve the interdependencies between information security and other IT processes
  • Effectively present information to influence and negotiate
  • Ensure a seamless end to end service management process
  • Act as a change agent to influence relevant stakeholders to adhere to information security practices

Abilities

  • Review change control procedures
  • Effectively communicate in verbal and written format
  • Understand the needs and goals of the customer and actively look for ways to meet them
  • Complete regular compliance reporting
  • Adapt and be flexible in a complex, changing environment
  • Manage one’s own time
  • Perform project consulting and security sign off for solution designs

Travel frequency

  • Infrequent (approximately 1-4 trips annually)

Physical demands


General office jobs

  • Work is generally performed in an office environment in which there is not substantial exposure to adverse environmental conditions. Must have the ability to remain in a stationary position for extended periods of time. Must be able to operate basic office equipment including telephone, headset and computer. Incumbent must be able to lift basic office equipment up to 20 pounds.


Number of Openings:

1

How to Apply:

To submit your application, click "Apply" and follow the step by step process.


Equal Employment Opportunity:

QBE is an equal opportunity employer and is required to comply with equal employment opportunity legislation in each jurisdiction it operates.

The companies of QBE North America are committed to equal employment opportunities. All qualified applicants will receive consideration for employment without regard to age, disability, marital or parental status, national origin, citizenship, race, color, religion, sex, sexual orientation, or veteran status. All personal information contained in this application will be kept confidential as required by law.