Specialist - IT Governance, Risk & Compliance

Pinkerton is looking for a Specialist in IT Risk Governance to establish, monitor and manage enterprise-wide controls on Infosec & Security Governance to ensure compliance with global security standards aligned with ISO standards Data Security requirements & SOC2 Compliance.

The right person needs to be customer-obsessed and analytical, strategic yet execution-focused, and passionate about Process excellence and documentation.

Essential Functions:

1.

Represent Pinkerton's core values of integrity, vigilance, and excellence.2.

Manage and implement the global Governance, Risk & Compliance process for Pinkerton3.

Develop and maintain robust information security controls to protect Pinkerton solutions from security breaches/ incidents.4.

Manage the documentation within internal IT Governance, Risk & Compliance.5.

Lead the implementation of Security Assurance / VAPT / Application Security measures.6.

Design, develop and implement Process and security audits for enterprise-wide applications,7.

Conduct regular Security Architecture and configuration reviews.8.

Manage and own all facets of Network Security, Data Security, EUC (End User Computing) Security.9.

Identify Information Security risks and improve the overall Information Security posture of the organization.10.

Performs reviews of security activities and reports, providing a technical and non-technical oversight toward the prevention of Information Security incidents.

Education, Experience, and Certifications:

Bachelor's degree with at least 7-9 years of information technology experience.

Minimum 4-5 years of relevant experience.

Preferred Certifications CISA, ISO27001 LA, ITIL, Certified Risk and Compliance Management Professional.

Pinkerton is an inclusive employer who seeks candidates with diverse backgrounds, experiences, and perspectives.

Competencies:

• An in-depth understanding of IT Governance, Risk & Compliance.• Hands-on experience on implementing multiple programs within Information Security to include Data Loss Prevention, Insider Threats, Incident and Event Correlation, and Threat Response.• Strong knowledge of collection of security measures designed to protect cloud-based infrastructure, applications, and data.• Strong knowledge of Information Security Management System 27001:2013, Risk Management System 31000:2009.• A solid understanding of Business Continuity Planning, GDPR and PCI DSS.• Experience handling Internal IT Audits, Root-cause analysis.

Working Conditions:

With or without reasonable accommodation, requires the physical and mental capacity to perform effectively all essential functions.

In addition to other demands, the demands of the job include:• Exposure to sensitive and confidential information.• Regular computer usage.• Ability to handle multiple tasks concurrently.• Close and distance vision and ability to adjust focus.• Frequent sitting.• Travel, as required.

Pinkerton is an equal opportunity employer to all applicants and posi...