Sr. Sec Remediation Engineer

Full Time United States - Missouri - Maryland Heights Posted 04/20/2021 Areas of interest: Cybersecurity, Information Technology Requisition Number: 279643BR ISE341
Leverage industry and technical expertise to assist leadership teams to more effectively address enterprise security risk remediation. Lead discussions with leadership around remediation of security risks and control gaps. Establish a project around remediation plans to eliminate risk and control gaps. Responsible for identifying opportunities for organization to remediate security gaps and improve business performance. In addition, this role will apply the concepts of Enterprise Risk Management to help organization identify, assess, and mitigate emerging risks.

Actively and consistently supports all efforts to simplify and enhance the customer experience.
  • Identify and address business needs while delivering prioritized security risks from Risk Registry to leadership groups within departments and functions of the organization.
  • Conduct client discussions and meetings to communicate a broad range of services.
  • Prepare and manage engagements to include preparing concise, accurate documents and balancing project economics management with the occurrence of unanticipated issues.
  • Plans, manages, and monitors security remediation projects from risk stage through implementation
  • Act as escalation point of contact for Security Remediation and oversee key stakeholder requirements and project objectives for the entire team.
  • Manage and advise on project management processes and methodologies for remediation team to ensure assigned projects are delivered on time, within budget and meet high quality standards in remediation measures and leadership expectations using the appropriate tools.
  • Identify opportunities proactively to remediate security gaps to improve business or department performance.
  • Define security controls and processes and propose recommendations to remediate security risk and control gaps/solutions.
  • Develop meaningful metrics to reflect true posture of the environment to present to organization, allowing for educated decision making based on risk.
  • Research methods to improve security remediation program and security infrastructure processes to be more effective and efficient to include implementing current security practices in industry.
  • Liase with business groups to provide awareness for IT security services, understand key security principals to apply, and gain an understanding of their programs to provide security-related assistance where needed requiring strong business knowledge and security domain expertise.
  • Communicate security issues to a wide variety of internal and external “customers” to include technical teams, executives, risk groups, and vendors.
  • Identify, assess, and mitigate emerging risks using concepts and methodologies under Enterprise Risk Management methods used by organization.
  • Maintain deep subject matter expertise of current threat, vulnerabilities, attacks and countermeasures in order to respond effectively to findings.
  • Provide regular coaching and mentoring and training to team members on findings and plans for remediation.
  • Serve as escalation point in absence of leadership for team members and external departments’ inquiries.
  • Monitor workflow of team’s engagements, audit schedule, and testing timeframes and provide recommendations to prioritize team deliverables.
  • Update and review department documentation, procedures and program effectiveness as needed.
  • Perform other duties as assigned.

Skills/Abilities and Knowledge

Ability to read, write, speak and understand English
Advanced knowledge of performing IT Risk & Security assessments across a broad range of technologies, leveraging thorough technical and operational knowledge of Information Security best practices and industry standards
Advanced knowledge of project management methodologies and practices
Advanced knowledge of various operating systems (Window, UNIX, Linux, AIX, etc.) with an emphasis on vulnerability assessment and hardening.
Advanced Knowledge and experience required in the areas of security assessment and vulnerability scanning, risk based threat analysis, and security mitigation techniques
Advanced knowledge of at least one scripting language
Advanced knowledge of Common Vulnerability Scoring System (CVSS)
Advanced knowledge of technical aspects of the following areas: IT Audits, IT Risk Management, Information Security and/or Technical Privacy. Intermediate working knowledge of planning and executing remediation projects in one or more of the following areas: Information Security, Risk Management, Technical Privacy/Compliance, IT Security Audit, and / or IT Risk Management.
Intermediate knowledge of Internal and External Audit practices and/or knowledge of Information Security practices in a professional services firm or large enterprise.
Intermediate knowledge of utilization of network and application security assessment tools and methodologies to manage and address security and control issues with the following technologies: UNIX, Windows Servers, databases (Oracle, SQL, DB2, etc), mainframe, firewalls, routers, wireless environments, mobile devices, and cloud computing.
Intermediate understanding of Information Security strategy, organization, policy and Governance fundamentals.
Intermediate Experience with Vulnerability Scanner a plus
Ability to implement change management practices and facilitate process change in external departments
Ability to present technical concepts to non-technical audiences
Ability to be adaptable and flexible while working in a dynamic environment
Foster and maintain relationships with key stakeholders, departmental leadership, and business partners
Excellent oral and written communications skills

Bachelor’s degree in BA or BS Management Information Systems, Computer Science, Accounting, and / or business related discipline, or equivalent work experience.
One of the following or equivalent certifications required or in the process of obtaining:
Information Systems Security Professional (CISSP)
Certified Information Security Manager (CISM)
Certified Information Systems Auditor (CISA) certifications
Certified Ethical Hacker (CEH) or other security, risk, or audit professional related certifications

Related Work Experience
6 plus years IT Security and/or Corporate Risk Work experience
3 plus years IT Risk Management and/or IT Internal Audit including experience in Information Security & Technical Privacy.

Related Work Experience

Experience working within a data center
Experience communicating with business professionals to articulate problems that may arise

Office environment
The health and safety of our employees and candidates is very important to us. Spectrum has adopted virtual mobile recruiting tools that allow us to continue meeting new candidates. We look forward to “virtually” meeting you.

The Spectrum brands (including Spectrum Networks, Spectrum Enterprise and Spectrum Reach) are powered and innovated by Charter Communications. Charter Communications reaffirms its commitment to providing equal opportunities for employment and advancement to qualified employees and applicants. Individuals will be considered for positions for which they meet the minimum qualifications and are able to perform without regard to race, color, gender, age, religion, disability, national origin, veteran status, sexual orientation, gender identity, or any other basis protected by federal, state or local laws.

Related jobs

View All of Our Available Opportunities

Sign up for job alerts

Sign up to receive the latest career opportunities directly to your inbox.

Areas of interestEnter a location and a category, and click "Add" to create your Job Alert.

  • Cybersecurity, Maryland Heights, Missouri, United StatesRemove
  • Information Technology, Maryland Heights, Missouri, United StatesRemove

Spectrum employeeAre you currently a Spectrum employee?