< Back to Job Search
Location: Cheyenne, WY
Job Type: Contract to Hire
Job Code: JPC - 208

Job Description

Information Security Business Partner 

Location: Cheyenne, WY (5 days a week)

Type: CTH

Max Salary: 103K/year

Job Description:

 

Client has an exciting opportunity for an Information Security Business Partner (ISBP) at our company location in Cheyenne, Wyoming. The ISBP is a key part of our Information Security and Governance, Risk, and Compliance (GRC) teams. This position is full-time, permanent, and salaried with standard work hours, has no supervisory duties, and requires very little travel. We are looking for someone who can start immediately.

 

The Information Security Business Partner will function as a central Information Security subject matter expert supporting the company teams. They will provide cyber security advice to business partners to effectively manage risk to the business and will validate that security and technology controls are implemented to support business and security requirements.

 

Primary responsibilities of the Information Security Business Partner include the following:

  • Partner with Business Units to identify, analyze and mitigate security risk associated with activities executed throughout the company business.
  • Provide security consultation for new and ongoing enterprise initiatives.
  • Consult on defining security policies and best practices.
  • Educate and build awareness of security requirements.
  • Improve compliance with security standards and policies across enterprise teams.
  • Participate in testing and monitoring of security and privacy controls executed by the company
  • Lead security enhancement projects focused on new or changing technologies.
  • Publish executive-level security reporting across governance, risk, and compliance activities.
  • Other responsibilities as assigned.

 

The successful candidate will possess the following qualifications:

Competencies:

  • Project Management
  • Self-led Learner
  • Customer First Mentality
  • Strong Adaptability
  • Process Documentation Management
  • Process Mapping Development
  • Presentation Skills
  • Multitasking
  • Compliance + Risk Mindset
  • Communication w Executives
  • Team Mentorship
  • Can Interpret Regulations and Compliance Requirements
  • Thought Leadership
  • Cross-functional Team Leadership
  • Strategic Thinking and Planning (Team)
  • Brand & Team Ambassador
  • Solid Risk Management Foundation
  • Solid Information Security Foundation
  • Solid Security Control Framework Foundation
  • General Data Privacy Foundation
  • Can Teach/Educate Risk & InfoSec Principles
  • Can Consult Business on Risk and InfoSec Principles

 

Personality:

  • Requires a well-organized, cheerful and persuasive individual, who can manage multiple priorities at once.
  • Must have good meeting management and communication skills to keep conversations focused and productive.
  • Must be self-driven; able to manage schedules, meet deadlines, coordinate with others, and perform tasks with minimal supervision.
  • Must have the ability to work with a diverse audience, under tight deadlines, and negotiate successful outcomes to challenging problems.

Skills:

  • Analytical aptitude with an emphasis on investigative, methodical critical questioning and logical thinking; a data-driven decision maker.
  • Strong understanding of mitigation methodologies and our responsibility as a company to adhere to regulatory requirements pertaining to information security, privacy and/or data security.
  • Experience leading through others and rolling out new security controls or programs
  • Solid working knowledge of information security concepts and controls.
  • Excellent project management skills, with the ability to work within deadlines, juggle multiple priorities, design project plans, and provide project updates.
  • Ability to work independently with little direction and/or supervision.
  • Superior communication skills with the ability to ask questions, escalate roadblocks early, and interact effectively at multiple levels in the organization.
  • Keen attention to detail with the ability to correct on the fly and work independently.
  • Solid interpersonal and verbal/written communication skills.

Education and Experience:

  • Bachelor’s Degree or equivalent experience and at least 5-8 years of directly related experience.
  • Must have a solid understanding of SOX, PCI, CPNI, CCPA, FACTA, ITAR, EAR and similar IT Compliance and Privacy regulations.
  • Experience with NIST, ISO and other industry standards.
  • Expert user of Microsoft/Google Suite and an eGRC tool.

Other Qualifications:

  • Must be a U.S. citizen or U.S. permanent resident.
  • Professional certification (CISSP, CISA, CSIM, CIA or similar) is highly desired. Candidates who apply will be tested in several areas, including verbal/spelling, math/logic and business problem-solving, and must meet minimum standards to be considered for this position.

Google Form Information

Justification: Why do you need this role? What is the impact? Complex structure and requirements of team/position.

The ISBP is a key part of our Information Security and Governance, Risk, and Compliance (GRC) teams. The person in this role will function as a central Information Security subject matter expert supporting the company teams. They will provide cyber security advice to business partners to effectively manage risk to the business and will validate that security and technology controls are implemented to support business and security requirements.

What are the main responsibilities that your new hire will have?

– Partner with Business Units to identify, analyze and mitigate security risk associated with activities executed throughout the company business.

– Provide security consultation for new and ongoing enterprise initiatives.

– Consult on defining security policies and best practices.

– Educate and build awareness of security requirements.

– Improve compliance with security standards and policies across enterprise teams.

– Participate in testing and monitoring of security and privacy controls executed by the company

– Lead security enhancement projects focused on new or changing technologies.

– Publish executive-level security reporting across governance, risk, and compliance activities.

– Other responsibilities as assigned.

What will this candidate do in the first 90 days on the role and how will you define a candidate’s success?

In the first 90 days, the ISBP will learn company security policies and GRC procedures that will empower them to act as the security subject matter expert. They will also begin attending project meetings and interacting with leadership within the company teams to ensure security is considered at all levels of the department. If security assessments are necessary, they will begin interacting with the teams in order to perform the evaluation of the security posture of the environment and coordinate any remediation requirements.

< Back to Job Search

Apply Now

    .doc, .docx, .pdf accepted