Job Description

United States, Georgia, Atlanta

Information Technology

15-Jan-2021

Ref : 4561

How you'll help us Keep Climbing (overview & key responsibilities)

You are someone who, when asked to do the impossible, responds with a grin -- Bring it on! You want a job, not because it is easy, but because you get to drive real transformational change. You are passionate about identifying, communicating, and reducing risk. For you, Information Security is a passion and not just a job.

As a member of the IT Risk team within Deltas Information Security Governance Risk and Compliance organization, youll manage information security and technology risks throughout the third-party life cycle (planning, due diligence, contract, transition, ongoing assessment, and exit). Youll also have the opportunity to partner with IT Portfolios (Infrastructure and Reliability, Architecture, Channels Technology), key functional partners (Legal, Privacy, Corporate Audit) and external assessors.

Deltas Information Security Governance Risk and Compliance team is actively working to implement a controls focused mindset, shift our approach from a compliance focus to a risk focus, and establish meaningful metrics to truly measure Enterprise Risk and the effectiveness of the Information Security practice. We have the opportunity to drive meaningful change through a well-established, well respected company leading the aviation industry.

This position can be located in Atlanta, GA or Minneapolis, MN.

Duties and Responsibilities

Your main responsibilities in this role include the following:

* Participate in vendor risk management activities including but not limited to third party risk assessments, contract review and termination activities
* Create meaningful reports to effectively communicate and relate security, compliance, and/or governance-related concepts and controls across a variety of audiences including non-technical audiences
* Track identified findings of non-compliance with Delta Information Security Standards to remediation or to an acceptable level of risk

What you need to succeed (minimum qualifications)

Embraces diverse people, thinking and styles

Consistently makes safety and security, of self and others, the priority

High School diploma, GED or High School Equivalency

3-5 years experience in with information technology security programs, audits, controls and/or third party risk management

Ability to identify and assess IT security controls against Delta policies and standards and identify and communicate gaps

Exceptional written and verbal communication skills

Ability to effectively manage time and productivity with competing priorities in a rapidly changing, fast-paced, interactive, results-based team environment

What will give you a competitive edge (preferred qualifications)

Bachelors Degree or 5 plus years of relevant experience in Computer Science, Mathematics, Engineering, Information Systems, Management Information Systems or Information Security

Key industry certifications such as CISA, CISM, CISSP, etc.

Understanding and working knowledge of third-party risk concepts and experience in performing vendor risk assessments

Experience across Information Security domains such as governance & compliance, incident response, identity & access management, penetration testing, or e-discovery & forensics

Experience across IT domains such as application development, infrastructure, technical support and operations, cloud technologies and/or continuity of business

Experience with RSA Archer