This job has expired, please see additional jobs below
Global Security Assurance Consultant
Aflac
Atlanta, GA, United States
Job Details
Description
Spread Your Wings
We are the Duck. We inspire and are inspired, listen and respond, empower our people, give back to our community and, most importantly, celebrate every success along the way. We do it all – The Aflac Way.
Aflac, a Fortune 500 company, is an industry leader in voluntary insurance products that pay cash directly to policyholders and one of America's best-known brands. Aflac has been recognized by Fortune magazine as one of the 100 Best Companies to Work For in America for 19 consecutive years, one of the Best Workplaces for Millennials for the past two years and one of America's Most Admired Companies for 16 consecutive years.
Our business is about being there for people in need. So, ask yourself: Are you the Duck? If so, there’s a home — and a flourishing career — for you at Aflac.
The Company
Aflac
The Location
Atlanta, GA
The Division
Global Security/Global Security & Program Development
The Opportunity
Global Security Assurance Consultant
Job Summary
Measure the operating design, effectiveness, and efficiency of the Global Security program. Work with Global Security Managers toward a common goal of maintaining information security maturity at a level commensurate with financial institutions to ensure the security program can continue to support the company’s goals for growth and efficiency.
Principal Duties & Responsibilities
Enhance and maintain the global security capabilities catalog to ensure accuracy and relevancy based on changes in regulatory and framework methodologies
Conduct Information Security and Cybersecurity assurance reviews against the established frameworks (NIST CSF including NIST 800-53 controls, Generally Accepted Recordkeeping Principles for the area of Information Governance, and ISO 22301 for the area of Business Resilience) and regulatory requirements to identify process or operating design improvements and provide recommendations for control enhancements
Identify efficiency and effectiveness opportunities and prioritize recommendations based on an agreed-upon priority ranking system to be developed
Identify opportunities for implementation of systemic controls over manual controls
Monitor for appropriate level of both preventative and detective controls
Identify integration points into enterprise processes as well as with disciplines that are outside of the security department but have security-related responsibilities to provide a holistic view (i.e. Asset Management, Patch Management, Application Development, Architecture, Infrastructure, Third Party Risk Management, Physical Security, Business Continuity)
Communicate to leadership the results of assurance testing and changes affecting the organization’s Information Security posture. Apply the organization’s risk tolerance and risk management approach in evaluating the security posture, and escalate matters of significance
Interface with designated stakeholders and subject matter experts that own Information Security and Cybersecurity controls
Partner with the GRC team to effectively utilize the GRC solution for assurance-related activities and reporting
Lead the self-assessment program
Initially provide independent evaluation of existing NIST CSF, GARP or ISO 22301 self-assessments
Mature the program through the creation and maintenance of a multi-lateral assessment process incorporating self-testing, audit results, incident review, regulatory alignment, macro trends and management observation and insights
Act as liaison between information assurance and company level risk assessment/framework
Provide an annual report to the SVP, Global Chief Security Officer on the state of maturity of the Global Security program
Assist in developing global security strategies, plans, measures, programs and reports on the effectiveness of measures within the regions to the Global Chief Security Officer
Perform other duties as required
Qualifications
Education & Experience
Bachelor’s degree in computer science, business administration, or a related field, and five to seven years of information technology security experience or an equivalent combination of education and experience
Certified Information Security Manager (CISM) or Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) certification is preferred
Job Knowledge & Skills
Excellent verbal and written communication skills
Experience applying industry-recognized security standards effectively across all disciplines
Knowledge and experience in the following:
Technology Risk Management concepts and control
Managing to regulatory requirements for protecting information assets
Global technology organizational concepts
Principles and methods of all information security disciplines
Knowledge of regulatory protective requirements of personal private information (i.e. MyNumber, HIPAA, GLB, and financial integrity under Sarbanes-Oxley, etc.)
Knowledge of and in-depth experience applying industry-recognized security standards
Core Competencies
Action Oriented, Customer Focus, Adaptability, Listening, Ethics and Values, Integrity and Trust
Functional Competencies
Business Acumen, Decision Quality, Informing, Negotiating, Strategic Agility
The Benefits
Aflac is known for treating our employees exceptionally well. As one of the leaders in the insurance industry, we’re able to offer one of the most comprehensive health benefits packages available in corporate America, including free coverage from one of our pioneering insurance products, the Aflac Cancer policy. Our employees also enjoy a host of other benefits, including advancement opportunities, opportunities for continued education and professional development, merit increases and performance bonuses, profit-sharing 401(k), stock purchase plans, and many more.