5 years of experience as a Security Risk Analyst or similar role
1 year of experience with OneTrust or any GRC tool
1 year of experience with AGILE, Atlassian/Jira, and KanBans
1 year of experience working with legal and regulatory obligations related to information security
1 year of experience in deployment processes
1 year of experience applying risk management frameworks
Responsibilities
Create, conduct, and report on risk assessments for business systems applications
Train and coordinate with business systems application owners, data custodians, and business impact analysts on risk management
Provide governance over the teams and ensure they meet risk management requirements and industry control frameworks
Assist in building diagrams for zones, data flow, and applications necessary for each application's security
Create catalogs of data, integrations, and define components of the overall architecture in Business Systems
Collaborate to develop the DEVOPS process for AppSec, integrating scanning into the deployment process for custom apps in Business Systems and eventually R&D
Lead data collection efforts for custom application security reviews
Assist with the overhaul of Dynatrace Policies and Procedures
Desired Qualifications
Bachelor’s degree
Performing data classification
Conducting security risk reviews
Risk analysis and mitigation of potential vulnerabilities
Control framework implementation, such as NIST 800-53, ISO 27001 or NIST CSF
Maintaining systems/applications records status for reporting and alerts
Providing advice and guidance in implementing IT security policies and procedures to reduce risk
Job Description
Serve as a bridge between Dynatrace business units and the Security Risk Management organization to promote and facilitate adaptation and involvement with the Dynatrace Risk Management Framework.
Create, conduct, and report on risk assessments for business systems applications.
Train and coordinate with business systems application owners, data custodians, and business impact analysts on risk management for the business systems’ workstreams and sub-organizations.
Provide governance over the teams and ensure they meet risk management requirements and industry control frameworks for their systems/applications.
Assist in building diagrams for zones, data flow, and applications necessary for each application’s security.
Create catalogs of data, integrations, and define components of the overall architecture in Business Systems.
Collaborate to develop the DEVOPS process for AppSec, integrating scanning into the deployment process for custom apps in Business Systems and eventually R&D.
Lead data collection efforts for custom application security reviews.
Assist with the overhaul of Dynatrace Policies and Procedures in the coming year.
Location: Remote in the U.S. Applicants in the Central Time Zone or Eastern Time Zone are strong preferred.
Qualifications
Minimum Qualifications
High School or GED required.
At least 5 years of experience as a Security Risk Analyst or similar role
At least 1 year of OneTrust or any GRC tool
At least 1 year of AGILE, (Atlassian/Jira, and KanBans)
At least 1 year of experience working with legal and regulatory obligations related to information security.
At least 1 year of experience Deployment processes
At least 1 year of experience Applying risk management frameworks
Preferred Qualifications
Bachelor’s degree
Performing data classification
Conducting security risk reviews
Risk analysis and mitigation of potential vulnerabilities
Control framework implementation, such as NIST 800-53, ISO 27001 or NIST CSF
Maintaining systems/applications records status for reporting and alerts
Providing advice and guidance in implementing IT security policies and procedures to reduce risk.