CYBER RISK & COMPLIANCE SENIOR ANALYST
The Cyber Risk & Compliance Sr Analyst works as part of a team to assess cybersecurity and technology risks against established frameworks, standards, policies, and methodologies. This individual reviews and recommends controls and best practices, as well as continually evaluates risk exposure and tolerance. The role also reviews and documents deficiencies, advocates for change, and when appropriate, escalates issues.
A Cyber Risk & Compliance Sr Analyst reports on the state of risk for their assigned business areas by providing visibility and helping leaders understand where risk resides and where improvements can be made to protect the business. Such reporting includes adherence to regulations and industry guidelines, as well as company policies and standards. This role focuses on risks within internal and business-controlled areas of security, technology, and business processes while partnering with the product, engineering, and architecture teams across various levels as part of the normal course of work.
Primary Responsibilities and Essential Functions:
- Serve on a team responsible for reviewing and documenting where security and technology controls are adequate or require improvement.
- Recommend risk reduction steps to be implemented and maintained through policies, procedures, frameworks, and technical controls.
- Document, formulate, and communicate security improvements that balance risk with business objectives, and do not diminish efficiencies or innovation.
- Demonstrate in-depth knowledge and application of cyber risk assessment and measurement techniques in areas including cloud security, infrastructure protection, system resiliency, application security and architecture, and data protection throughout the data lifecycle.
- Develop and maintain assessment questionnaires to understand cyber risk from various areas.
- Manage compliance impact and requirements for technology general control compliance.
- Provide regular and timely reporting on the status of cybersecurity risk across the organization.
- Support the continuous development and improvement of our cybersecurity program (including risk framework, assessment, policies, standards, etc.), reflecting business needs while considering the nature of a diversified business organization.
- Engage with the Cybersecurity, Product, Development, and Engineering teams to assist in effectively driving program maturity and mitigation of cybersecurity risks.
- Stay abreast of relevant security regulations, laws, and technologies and adjust programs and processes as needed
- BS/BA degree in Information Security, Information Assurance, Computer Science, Engineering or a related discipline with 4+ years of experience in a related field; or MS/MA degree in a related discipline with 2+ years of experience in a related field; or Ph.D. in a related discipline with 1+ year of experience in a related field.
- 4+ years of experience in cybersecurity or cyber risk as a practitioner
- Familiar with one or more regulatory requirements and laws such as, but not limited to, PCI, CCPA, etc.
- General understanding of risk methodologies such as the Factor Analysis of Information Risk methodology.
- Strong written and oral communication skills across varying levels of the organization.
- Organized, with the ability to prioritize and complete tasks within defined SLAs.
- Ability to work in a team and independently to fix issues with little or no supervision
- Ability to build effective working relationships at all levels of the organization
- Excellent communication skills
- At least one security certification like CISSP, CISM, CISA, CTPRM, CCSP.
- At least three years of experience with cloud and container technologies.
- Additionally, experience in one or more: ISO 27001, NIST CSF.
- Experience in the Telecommunications industry.
About Cox Communications
Cox Communications is the largest private telecom company in America, serving six million homes and businesses. That’s a lot, but we also proudly serve our employees. Our benefits and our award-winning culture are just two of the things that make Cox a coveted place to work. If you’re interested in bringing people closer through broadband, smart home tech and more, join Cox Communications today!
Cox empowers employees to build a better future and has been doing so for over 120 years. With exciting investments and innovations across transportation, communications, cleantech and healthcare, our family of businesses – which includes Cox Automotive and Cox Communications – is forging a better future for us all. Ready to make your mark? Join us today!
Benefits of working at Cox may include health care insurance (medical, dental, vision), retirement planning (401(k)), and paid days off (sick leave, parental leave, flexible vacation/wellness days, and/or PTO). For more details on what benefits you may be offered, visit our benefits page.
Cox is an Equal Employment Opportunity employer – All qualified applicants/employees will receive consideration for employment without regard to that individual’s age, race, color, religion or creed, national origin or ancestry, sex (including pregnancy), sexual orientation, gender, gender identity, physical or mental disability, veteran status, genetic information, ethnicity, citizenship, or any other characteristic protected by law.
Statement to ALL Third-Party Agencies and Similar Organizations: Cox accepts resumes only from agencies with which we formally engage their services. Please do not forward resumes to our applicant tracking system, Cox employees, Cox hiring manager, or send to any Cox facility. Cox is not responsible for any fees or charges associated with unsolicited resumes.
JOB CATEGORY: Information Technology
JOB LEVEL: Individual Contributor
DIVISION: Cox Communications
LOCATION: Atlanta GA
To apply for this job please visit jobs.coxenterprises.com.