Cybersecurity Risk and Compliance Analyst

at Lexmark International Inc

Cebu City, Cebu, Philippines

Start Date: Immediate
Expiry Date: 08 Nov, 2024
Salary: Not Specified
Posted On: 10 Aug, 2024
Experience: 3 year(s) or above
Skills: ISO, Project Management Skills, Business Systems, Root, Interpersonal Skills, New Concepts, Risk Frameworks, IT
Telecommute: No
Sponsor Visa: No

Description:

Job Description: Security Governance, Risk and Compliance is responsible for assessing the information security risks in Lexmark’s environments, developing policies and security controls to address the security risks and working with IT and all Lexmark business units on complying with the policies through awareness and engagement. This role is responsible for supporting the risk management process, customer support, and security compliance requirements.

Job Responsibilities:

  • Complete internal audits for ongoing security compliance requirements and evaluate impact of changing regulations for ISO 27001, CMMC, and others.
  • Assist with external security audits for ISO 27001, SOC 2, and others.
  • Complete risk assessments based on CIS 18 and NIST CSF frameworks, assist risk owners to create risk treatment plans and follow up on deadlines, assist with analyzing data and creating risk charts for senior management.
  • Support of the response process for customer security requests and customer security audits
  • Support the third-party risk management program through vendor response evaluations
  • Ownership of the maintenance of Lexmark’s compliance documentation and related standards and procedures.
  • Work with Lexmark business units to implement, communicate and evangelize security controls.
  • Work independently on assigned tasks and projects with minimal management oversight and guidance.
  • Communicate with personnel and management at various levels across the organization and in other geographies.
  • Communicate results and project status effectively to management.
  • Execute special projects as assigned.

Job Requirements:

Competencies, Skills, Knowledge & Abilities:

  • Knowledge of IT Security Risk Frameworks, such as NIST Cybersecurity Framework and CIS 18
  • Knowledge of controls frameworks such as ISO 27001 and SOC 2, best-practices, and principles for cybersecurity
  • IT background and knowledge of IT business systems
  • Experience conducting compliance or audit assessments
  • Ability to own initiatives with minimal direct supervision
  • Strong analytical and data analysis skills
  • Executive presence, and effective communication, presentation, and interpersonal skills
  • Ability to perform root cause analysis and make sound and timely decisions to resolve problems
  • Ability to work across different departments and communicate with end users
  • Appropriately use and protect confidential information acquired in the course of the job
  • Ability to learn new concepts and information on a frequent basis
  • Excellent organizational, documentation, and project management skills with attention to detail
  • Proven ability to manage multiple priorities
  • Knowledge of OneTrust tool is a plus

Education and Experience

Required

  • 3-5 years of experience in IT, Cybersecurity Governance, Risk or Compliance/Audit role
  • Bachelor’s degree in business, IT, MIS, Computer Science, or similar technical field

Preferred

  • 6-10 years of relevant experience
  • CISSP, CISA, CISM or similar professional certification

How to Apply?
Are you an innovator? Here is your chance to make your mark with a global technology leader. Apply now!


REQUIREMENT SUMMARY

Min: 3.0, Max: 10.0 year(s)

Financial Services

IT Software - Network Administration / Security

Finance

Graduate

Business, IT, MIS, Computer Science, or similar technical field

Proficient

1

Cebu City, Philippines