Info Security Gov & Risk Specialist
Location: Charlotte
Posted on: June 23, 2025
|
|
|
Job Description:
Job Title: Info Security Gov & Risk Specialist (Hybrid)
Location: Frisco, Charlotte, Denver, or Iselin Job Overview:
Defines, enhances, and implements information security
configuration controls, while ensuring consistent and effective
information security administration procedures and processes. Key
Responsibilities and Duties: Review industry configuration
safeguards and monitor compliance for infrastructure assets:
databases, workstations, network, middleware, servers, cloud
services, and mobile Partners with multiple business stakeholders
to drive work and monitor through completion Analyze internal
information security controls and convert control criteria and
their severity into functional compliance scanning results Create
and support program governance documentation such as standard
operating procedures, control assessments and training materials
Monitor industry security updates, technologies and best practices
to improve security management Generate metrics and reports in
assigned functional business area to inform decisions on tactical
issues that impact the business Perform QA/QC activities to drive
configuration management program maturity Support remediation
efforts through gap identification and action plan creation to
operationalize scan results Participates in various tool testing
and validation efforts for on-prem and cloud scanning Required
Qualifications: Bachelor s degree in IT or Cybersecurity Experience
with developing, customizing, reviewing and updating a wide range
of enterprise security configuration baselines, with input from
subject matter experts Experience interpreting and applying CIS
Benchmarks, DISA STIGs, SRGs, and has an awareness of the National
Vulnerability Database (NVD) and Common Vulnerability Enumeration
(CVE) 1 year of direct experience working with teams in an agile
and horizontal environment Experience with remediation activities
within Cybersecurity Ability to translate the low-level security
baseline requirements into security baselines Ability to work
independently to anticipate needs, support a changing landscape and
willingness to act with minimal supervision Preferred
Qualifications: Knowledge and understanding of technology
operations/processes, as well as experience with evaluating
technology-related risks and controls Experience in working with
the NIST 800 Special Publication series and providing guidance for
risk management and security control implementation, including
800-53 and others. Experience with one or more of the following
technologies: Networking (including CISCO or Palo Alto); Operating
Systems (including Windows Server, RedHat, or Linux); Cloud
Services (including GCP, AWS, and Azure) Ability to apply a
technical skill set to research and document industry knowledge and
best practices with established or newly released applicable
security controls Written and verbal communication skills:
articulate and effective communicator and presenter, able to
describe complex problems in both technical and business terms
Demonstrated experience learning new technologies Experience with
an Agile methodology Knowledge of ServiceNow and Archer
Keywords: , Greenville , Info Security Gov & Risk Specialist, IT / Software / Systems , Charlotte, South Carolina
