Job Description

United States, Georgia, Atlanta

Information Technology

15-Jan-2021

Ref : 4562

How you'll help us Keep Climbing (overview & key responsibilities)

You are someone who, when asked to do the impossible, responds with a grin -- Bring it on! You want a job, not because it is easy, but because you get to drive real transformational change. You are passionate about identifying, communicating, and reducing risk. For you, Information Security is a passion and not just a job.

As a member of the IT Risk team within Deltas Information Security Governance Risk and Compliance organization, you will serve as second line of defense to manage and monitor information security and technology risks. Youll partner with IT Portfolios (Infrastructure and Reliability, Architecture, Channels Technology), key functional partners (Legal, Privacy, Corporate Audit) and external assessors.

Deltas Information Security Governance Risk and Compliance team is actively working to implement a controls focused mindset, shift our approach from a compliance focus to a risk focus, and establish meaningful metrics to truly measure Enterprise Risk and the effectiveness of the Information Security practice. We have the opportunity to drive meaningful change through a well-established, well respected company leading the aviation industry.

This position can be located in Atlanta, GA or Minneapolis, MN.

Duties and Responsibilities:

* Your main responsibilities in this role include the following:
* Evaluate, quantify, and communicate risk across the vendor, internal controls, and cyber domains
* Perform controls testing to validate compliance with control requirements for new and existing technologies, including cloud

* Conduct periodic risk assessments to identify and assess reasonably foreseeable internal and external threats to information, operations, and/or applications
* Engage with partners in Information Security, Information Technology, and Corporate Audit to efficiently ensure compliance with SOX, PCI, and other regulatory/statutory requirements

What you need to succeed (minimum qualifications)

High School Diploma, GED or High School Equivalency.
Embraces Diverse People, Thinking and Styles
Consistently makes safety and security, of self and others, the priority.
3-5 years of experience with information technology security programs, audits, controls, and/or risk assessments
Bachelors degree in Computer Science, Mathematics, Engineering, Information Systems, Management Information Systems or Information Security
Understanding and working knowledge of cybersecurity governance frameworks such as NIST, CIS, and SANS
Exceptional written and verbal communication skills
Ability to effectively manage time and productivity with competing priorities in a rapidly changing, fast-paced, interactive, results-based team environment

What will give you a competitive edge (preferred qualifications)

Bachelors Degree or 5+ years of equivalent experience.
Key industry certifications such as CISA, CISM, CISSP, etc.
Experience with cloud platforms such as AWS, Azure
Experience across Information Security domains such as governance & compliance, incident response, identity & access management, penetration testing, or e-discovery & forensics
Experience across IT domains such as application development, infrastructure, technical support and operations, or continuity of business
Experience with RSA Archer