General Job Requirements:
- Participates in a global security risk assessment program.
- Prepare and provide regular GRC Reports and Metrics (Weekly, Monthly, Quarterly, Yearly, Ad Hoc, etc.) to the Head Cybersecurity Specialist and CISO.
- Conduct Cybersecurity Risk Management, including Risk Assessments of the client Information assets and services, and work with the Risk Owners to mitigate the Risks through appropriate Cybersecurity Controls.
- Develop, maintain and regularly update a Cybersecurity Risk Register and contribute towards Cybersecurity improvements.
- Perform Compliance Management for the client Policies, Procedures, applicable Regulations as well as Standards and Audit recommendations.
Policies, Regulatory and Compliance:
- Works with Internal Audit, Stakeholders, General Counsel and outside consultants as appropriate on required security assessments and audits.
- Assists in executing the strategy for dealing with the increasing number of audits, compliance checks and external assessment processes for internal/external auditors, PCI DSS, ISO, HIPAA, HITRUST, and NIST 800-171.
- Routinely completes privacy gap analysis of current laws and regulations and ensures organization's compliance therewith.
- Coordinates and tracks all information technology and security related audits including scope of audits, timelines, auditing agencies and outcomes.
- Interact with Third-Party Suppliers / Vendors / Contractors / Consultants and ensure GRC projects are completed on time, within budget and at the desired quality.
- Provides guidance, evaluation and advocacy on audit responses.
Preferred Skills/Experience:
- Bachelor's degree in Information Systems, Cybersecurity, or a related field preferred.
- Certifications that are strongly preferred (not required): CISA, CISSP, CISM and/or other security certifications.
- Experience in security governance, security compliance or risk management preferred.
- Experience in designing and implementing security standards and best practices.
- Experience in PCI DSS, ISO 27001, SOC2 audits is preferred.
- Experience developing and/or analyzing security policy.
- Hands-on experience in establishing and maturing an organization's Security Program.
Professional Skills:
- Great problem-solving skills.
- Excellent collaboration skills – must be eager to work as part of a cohesive team and work as a partner to other teams within Aristocrat, Inc., locally and globally.
- Exceptional communication skills, including the ability to gather relevant data and information, connect through listening, dialogue freely, and verbalize ideas effectively.
- Proven presentation and facilitation skills. organization's business needs.