Information Security Officer Alpharetta, GA / Portland, OR We are seeking a highly motivated, energetic and driven individual for our Information Security Officer (ISO) role to be based in our Alpharetta, GA, or Portland, OR office. Acting as a local voice of Information Security across our US based businesses; you will be responsible for the research, implementation and review of Information Security controls and processes. Working within the newly established 'Market Information Security Office', this position will have the opportunity to define new working practices between InfoSec, the business and technology teams.
The role has the opportunity for travel to other US based offices in order to further develop working relationships and provide Information Security guidance. With responsibility for driving the implementation of our Information Security strategy across multiple businesses, it is essential that you have strong communication skills. Initial projects will include a technical risk assessment of existing security controls and the rollout of specific Information Security roadmaps for each of the businesses.
The ISO will then guide development squads, solutions architecture and security champions to help deliver against the roadmap and further develop our secure application development processes. Ideal candidates will have proven experience within application security and/or development, in which they may have previously been a developer or transitioned from a developer into an application security role. Key Accountabilities/Responsibilities: Operating across technology and the business, the ISO is responsible for influencing colleagues at a complex and international scale.
Acting as a Subject Matter Expert within the business, the main responsibilities of the role include; Maintaining effective ongoing engagement with technical and business teams through internal mediums such as; scheduled catch-ups, technology stand-ups, project elaboration meetings, etc. Performing the running, and scheduling of security testing according to RBI policies. Provide expertise and advice on the prioritisation and remediation of identified security issues in conjunction with business processes.
Aiding threat modelling discussions in order to help design systems in conjunction with policy and industry best practices. Working with the business to provide responses to customer security enquiries Identifying and driving forward governance and compliance control improvements Undertaking incident management within the market, communicating with key affected stakeholders. Supporting the Information Security education initiatives for technologists, and security champions.
Assisting Security Architecture by promoting "Secure by Design" principles within the markets. Assisting Security Engineering & Operations through regular communication on tooling, automation and processes. Supporting the Information Security programme through the creation of metrics and reports.
Essential Skills and Experience: 5+ years' experience within application development or an application security role Experience or involvement with implementing secure development practices; application security testing, threat modelling, application architecture etc. Must be a powerful communicator with the ability to influence colleagues Must be naturally inquisitive and be a strong problem solver Strong written and verbal communication skills Desirable Skills and Experience Strong knowledge of the OWASP Top 10 Professional Information Security certifications such as CSSLP, GWE, GSSP or GWAPT Experience within DevSecOps Experience in CI/CD - Deployment pipeline experience (Jenkins, Ansible, Terraform) Experience with different hosting technologies (AWS/ Azure/ On-Premise) Understanding of Windows and Linux infrastructure Experience with the Mitre ATT&CK Framework Solid project and time management skills RBI is an equal opportunity employer: qualified applicants are considered for and treated during employment without regard to race, color, creed, religion, sex, national origin, citizenship status, disability status, protected veteran status, age, marital status, sexual orientation, gender identity, genetic information, or any other characteristic protected by law. If a qualified individual with a disability or disabled veteran needs a reasonable accommodation to use or access our online system, that individual should please contact 1.877.734.1938 or firstname.lastname@example.org.