Job#: 3040112

Job Description:

Day to Day Responsibilities: 

• Act as a Security focal point for the business, acting as a conduit to other security teams (Cyber Defense; Identity and Access Management; Governance, Policy and Awareness; and Security Architecture) as required to meet business needs.

• Deliver end-to-end advanced business centric security consultancy to ensure security coverage throughout the entire delivery lifecycle, making sure that security is considered in a proportionate and tailored manner for each specific situation.

• Complement and augment the knowledge of the other Security team members to address special and complex business demands, including external requests (legal, compliance, regulation) and input for training and awareness programs and security threat notifications.

• Formally assess information security risks related to business projects, determine the potential impact of those risks, and conduct follow-up on any necessary remediation efforts. Ensure that IT solutions and business processes comply with Company policy, Company controls and applicable legal and regulatory requirements while also ensuring that business objectives are met.

• Formally assess information security risks related new vendor partners, determine the potential impact of those risks, and conduct follow-up on any necessary remediation efforts. Execute and conduct continuous improvement for an ongoing vendor risk evaluation process ensuring that vendors adhere to our organization’s Vendor Information Security Requirements.

• Develop strategies and drive efforts to facilitate business ownership of data, including creating necessary tools, training materials and professional presentations. Conduct briefings and training sessions for associates at all levels of the organization. Facilitate selection, training and ongoing communications with data owners in both stores and corporate facilities. Facilitate and drive completion of an inventory of sensitive structured and unstructured data.

• Conduct business process improvement or targeted training (for individuals or specific groups) to address security concerns related to audits, assessments or weekly security reports.

• Develop a specialized knowledge of and key relationships with the local brand, ensuring that security is embedded in each brand and that their security needs are being met. Collaborate with other team members to identify opportunities for implementing common security solutions or leveraging existing solutions.

• Demonstrate specialized knowledge of Microsoft products with a focus on Office 365 and related collaboration tools.

• Travel to other company sites, as required, to support business projects or augment on-site security staff for special initiatives.

Project (10,000 foot view/why is the position open?):

Vendor Risk management-- Conducting 3rd party vendor risk assessments-- assessing projects/coming up with solutions to assess security process for vendors.

50-100 assessments /month-- sending out questionnaires and helping with analysis

More junior than senior type of person as far as the nature of the task

Doug was right out of school and working on his masters

Conducting 3rd party vendor assesments using GRC platform- Archer

Vendor prof records- making sure info is up to date

Reach out to internal parties to make sure vendor is still active

Sending out 3rd party questionaires—a lot of internal communication

A lot of email and tracking statues—data entry into GRC program- can be done to import process

Review documentations—crafting follow up conversation

Would have this person at least through the end of the year- have clearance from tower for replacement for Doug—would assume it will go longer

Working on implementation for new tools- at least 1st quarter.

Requirements:

• Must haves: Info Security background, more junior person

• Nice to haves: Experience with Archer or a similar tool. Need to have good soft skills-- will be working with a lot of different folks so good oral and written communication. Recent Master's grads who have internship experience have worked well in this group in the past.

Team Dynamics/Culture: Small team between PA and ME-- management in both locations

Everforth Apex is a world-class IT services company that serves thousands of clients across the globe. When you join Everforth Apex, you become part of a team that values innovation, collaboration, and continuous learning. We offer quality career resources, training, certifications, development opportunities, and a comprehensive benefits package. Our commitment to excellence is reflected in many awards, including ClearlyRateds Best of Staffing® in Talent Satisfaction in the United States and Great Place to Work® in the United Kingdom and Mexico.

Everforth Apex uses a virtual recruiter as part of the application process. Click here for more details. By applying for this job, you agree to receive calls, AI-generated calls, text messages, or emails from Everforth Apex and its affiliates, and contracted partners. Frequency varies for text messages. Message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You can reply STOP to cancel and HELP for help. You can access our privacy policy at https://www.apexsystems.com/privacy-policy

Everforth Apex Benefits Overview: Everforth Apex offers a range of supplemental benefits, including medical, dental, vision, life, disability, and other insurance plans that offer an optional layer of financial protection. We offer an ESPP (employee stock purchase program) and a 401K program which allows you to contribute typically within 30 days of starting, with a company match after 12 months of tenure. Everforth Apex also offers a HSA (Health Savings Account on the HDHP plan), a SupportLinc Employee Assistance Program (EAP) with up to 8 free counseling sessions, a corporate discount savings program and other discounts. In terms of professional development, Everforth Apex hosts an on-demand training program, provides access to certification prep and a library of technical and leadership courses/books/seminars once you have 6+ months of tenure, and certification discounts and other perks to associations that include CompTIA and IIBA. Everforth Apex has a dedicated customer service team for our Consultants that can address questions around benefits and other resources, as well as a certified Career Coach. You can access a full list of our benefits, programs, support teams and resources within our ‘Welcome Packet’ as well, which an Everforth Apex team member can provide.

Everforth Apex Systems is an equal opportunity employer. We do not discriminate or allow discrimination on the basis of race, color, religion, creed, sex (including pregnancy, childbirth, breastfeeding, or related medical conditions), age, sexual orientation, gender identity, national origin, ancestry, citizenship, genetic information, registered domestic partner status, marital status, disability, status as a crime victim, protected veteran status, political affiliation, union membership, or any other characteristic protected by law. Everforth Apex will consider qualified applicants with criminal histories in a manner consistent with the requirements of applicable law.

If you require an accommodation under the Americans with Disabilities Act to participate in an interview with a virtual recruiter or to use our website for a search or application, please contact our Benefits Department at [email protected] or 804-523-8228. Please note that this contact information is strictly to be used for medical ADA accommodations and that no other inquiries will be answered.

UnitedHealthcare creates and publishes the Transparency in Coverage Machine-Readable Files on behalf of Everforth Apex Systems.