Homeoffice Cyber Risk Management Engineer chez 6743-DDC - Enterprise Architecture

• Creates and updates a view of IT assets, related attack surfaces, and threat actors to illustrate the flow of data and associated security threats. Track threat actor groups, Understand adversary tactics, techniques, and practices.
• Implements enterprise technologies and security products that will support security requirements for the enterprise and its customers, business partners, and vendors. Maintains processes and documentation templates, and leverage tooling to enable security service delivery.
• Serves as a security SME in application development, database design, network, and/or platform and operating system efforts, helping project teams comply with enterprise and IT security policies, industry regulations, and best practices. Engages with security specialists, technology engineers and other functional area specialists to ensure adequate enterprise security solutions are in place to sufficiently mitigate identified risks, and to meet business objectives and regulatory requirements.
• Analyzes threat exposure based on emerging security threats, vulnerabilities, and risks and contribute to the development of solution architecture.
• Assesses the effectiveness of cybersecurity capabilities, both internal to the organization and at third parties using a prescribed assessment methodology. Influences decision making by educating business stakeholders on the risk.
• Works with engineers, other functional area specialists and security specialists to ensure security solutions are correctly implemented for IT systems and platforms to mitigate identified risks sufficiently and support business objectives. Serves as a cybersecurity subject matter expert, assessing cybersecurity risks to specific solutions and identifying options and recommendations for mitigating those risks.
• Communicates and interacts effectively and professionally with co-workers, management, internal and external customers and partners. Communicates cybersecurity risks and solutions to various technical audiences and levels of management. Maintains communication with management regarding development within areas of assigned responsibilities and perform special projects as required or requested. Continuously tracks and reports the status of all operational and development efforts.
• Develops strong working relationships with and offer continuous assistance to other contributors in the information technology organization.
• Establishes and maintains relationships with suppliers in the information security industry.
• Educates, coaches, and mentors junior members of the team on technical, company policy & procedure, and other topics.

• 2+ years of professional experience with Bachelor's degree in Cyber Security, Computer Science, Information Systems or equivalent work experience in the IT field.
• A complete and working understanding of one or more information security and appropriate use enforcement technology solutions including advanced malware detection/prevention, mobile device virtualization/MDM, cloud security management, structured and unstructured database encryption, mobile application and remote API security, fine-grained application authorization and access control, security event visualization, big data user and entity behavior analytics, active adversary deception, and others.
• Knowledge of contemporary security theory and application (including vulnerabilities, exploitation techniques and attack vectors).
• Understanding of systems development lifecycle and projects work.
• Knowledge of laws, regulations, and standards relevant to the US Healthcare industry.
• Excellent written and verbal communication skills (including technical writing and procedure maintenance). Must be able to effectively communicate security concepts to a technical audience
• Able to understand moderately complex written and oral instructions
• Ability to clearly present security subjects and findings to technical peers
• Strong technical writing skills including documentation development, process mapping, and visualization
• Adaptive within domains of expertise.
• Ability to interact well with co-workers and outside contacts

Licenses

• Certified Information Systems Security Professional (CISSP) is preferred
• GIAC is preferred

Base Pay Information

The national base pay range at the end is a good-faith estimate of what Delta Dental may pay for new hires. Actual pay may vary based on Delta Dental’s assessment of the candidate’s knowledge, skills, abilities (KSAs), related experience, education, certifications and ability to meet required minimum job qualifications. Other factors impacting pay include prevailing wages in the work location and internal equity. 
Pay Grade 21. $80,500 - $174,300