Information Security Programs Administrator - Associate

Job Title : Information Security Programs Administrator

Corp Level : Associate I

Location : COE

Key responsibilities :

• Track the performance of security measures to protect information and network infrastructure and computer systems
• Responsible for the operations of the Third-Party Cyber Risk Management program.
• Conduct thorough risk assessments of third-party vendors and partners.
• Implement risk management strategies to mitigate potential threats.
• Monitor and review third-party compliance with security policies and standards.
• Collaborate with Revantage and Portfolio Companies IT and third parties on their remediation effort
• Collaborate with procurement and legal teams to ensure security requirements are included in contracts.
• Perform annual reviews of provider SOC reports and document the review for audit reviews
• Responsible for the operations of the Security Awareness Training program.
• Administer and maintain the KnowBe4 security awareness training platform.
• Develop and deliver engaging security awareness programs to educate employees on best practices.
• Track and report on training completion rates and effectiveness.
• Continuously update training materials to reflect the latest security threats and trends.
• Maintain policies and procedures for identity and access governance.
• Ensure proper access controls are in place and regularly reviewed.
• Maintain recertification processes and update / remove reviewers.
• Run IAM reports to clean up unused accounts.
• Run reports on stale groups and perform clean-up
• Represent security in annual external audits
• Maintain policies and procedures for SSPM and oversee related operations
• Conduct regular security posture assessments and implement necessary improvements.
• Sort and report on critical vulnerabilities, setting up reports and rules for notifications. Prioritize and assign vulnerabilities by categories to the infrastructure team.
• Identify and clean up dormant users.
• Run regular security posture reports
• Maintain policies and procedures for CSPM and oversee related operations
• Identify and mitigate risks in cloud environments through continuous monitoring and automated remediation.
• Prioritize and assign vulnerabilities by categories to the infrastructure team.
• Discover and integrate additional tools with CSPM tool for enhanced monitoring
• Maintain policies and procedures and administer the vulnerability management program. Assign vulnerabilities by categories to the infrastructure team to remediate
• Monitor DLP and Insider Threat Management systems and respond to alerts
• Monitor systems for irregular behavior and set up preventive measures.
• Maintain secure, resilient enterprise-grade cloud processes in tandem with architects and system engineers.
• Develop, maintain, and utilize scripts for various administrative and application purposes.
• Stay apprised of current and proposed security changes impacting regulatory, privacy, and security industry best practice guidance. Apply learned knowledge across key business lines, including products, practices, and procedures.
• Respond to ServiceNow security tickets, troubleshoot, and resolve reported issues.
• Participate in the change control process.
• Participate in on-call duties during assigned periods.
• Perform other duties as assigned.

WHAT YOU BRING TO THE ROLE

Required :

Preferred :