Job Description

RESPONSIBILITIES General Job Requirements: Participates in a global security risk assessment program. Prepare and provide regular GRC Reports and Metrics (Weekly, Monthly, Quarterly, Yearly, Ad Hoc, etc.) to the Head Cybersecurity Specialist and CISO. Conduct Cybersecurity Risk Management, including Risk Assessments of the client Information assets and services, and work with the Risk Owners to mitigate the Risks through appropriate Cybersecurity Controls. Conduct Cybersecurity Risk Management, including Risk Assessments of the client Information assets and services, and work with the Risk Owners to mitigate the Risks through appropriate Cybersecurity Controls. Develop, maintain and regularly update a Cybersecurity Risk Register and contribute towards Cybersecurity improvements. Perform Compliance Management for the client Policies, Procedures, applicable Regulations as well as Standards and Audit recommendations. Policies, Regulatory and Compliance Works with Internal Audit, Stakeholders, General Counsel and outside consultants as appropriate on required security assessments and audits Assists in executing strategy for dealing with increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI DSS, ISO, HIPAA, HITRUST, and NIST 800-171 Routinely completes privacy gap analysis of current laws and regulations and ensures organizations compliance therewith. Coordinates and tracks all information technology and security related audits including scope of audits, timelines, auditing agencies and outcomes. Interact with Third-Party Suppliers / Vendors / Contractors / Consultants and ensure GRC projects are completed on time and within budget and desired quality. Provides guidance, evaluation and advocacy on audit responses. PREFERRED SKILLS/EXPERIENCE: Bachelors degree in Information Systems, Cybersecurity, or a related field preferred. Certifications that are strongly preferred (not required): CISA, CISSP, CISM and/or other security certifications Experience in security governance, security compliance or risk management preferred. Experience in designing and implementing security standards and best practices. Experience in PCI DSS, ISO 27001, SOC2 audits is preferred. Experience developing and/or analyzing security policy. Hands-on experience in establishing and maturing an organization's Security Program. PROFESSIONAL SKILLS: Great problem-solving skills. Excellent collaboration skills – must be eager to work as part of a cohesive team and work as a partner to other teams within Aristocrat, Inc., locally and globally. Exceptional communication skills, including the ability to gather relevant data and information, connect through listening, dialogue freely, and verbalize ideas effectively. Proven presentation and facilitation skills.

More Info

Education