Apply on Employer Site

Urban Science · 3 months ago

IT Operations Senior Specialist, Security - Audit

Detroit, MI

Full-time

Hybrid

Senior Level

5+ years exp

Urban Science is a company focused on transforming industry data into actionable insights for their clients. The IT Operations Senior Specialist, Security plays a critical role in protecting company and client information assets by supporting various ISO certified management systems and managing risk assessments and audits.

AutomotiveBusiness IntelligenceMarketing

Culture & Values

No H1B

Responsibilities

Support and operations of a global ISO 27001, 27701, and 14001 information security, privacy, and environmental management system

Author, update, and manage ISMS documentation set including process descriptions, flow diagrams, checklists, etc

Manage annual internal and external audit process including interaction with audit firms, audit/auditor scheduling, participant scheduling and related tasks

Manage Security Intranet site including standard SharePoint, Wiki, and Power BI sites

Work with virtual security teams on global security implementation, remediation, and improvement projects

Manage security corrective action and continuous improvement process including processing nonconformity reports, creation of corrective actions, and managing corrective actions to closure

Occasionally work with clients and account teams to provide responses to security assessments and questionnaires

Support regular risk assessment, controls reviews, gap assessments, and access reviews

Provide security/privacy expertise and support to Urban Science business and technical teams

Participate in relevant security training events and activities

Achieve and maintain relevant technical and operational security skills and certifications

Qualification

ISO 27001ISO 27701ISO 14001Risk ManagementMicrosoft OfficeRisk Management FrameworksCompliance LawProject ManagementAnalytical ThinkingCustomer ServiceSelf-ControlAssertivenessVerbal CommunicationWritten CommunicationTeamworkFlexibilityInterpersonal UnderstandingRelationship Building

Required

Must have a baccalaureate degree in information technology, or related field, from an accredited U.S. college or university, or equivalent foreign institution

Must have a minimum of five years relevant work experience

Strong understanding of various risk management frameworks, such as ISO 27000, SOC2, ITIL, etc

Understanding of global compliance law/regulation (e.g. GDPR, CCPA/CPRA, Privacy Guard, PIPEDA, etc.)

Knowledge of risk management system like Zen GRC

Strong knowledge of Microsoft Office products - Word, Excel, PowerPoint

Knowledge of current technological developments/trends in area of expertise, and a willingness to continually improve knowledge and skills

Ability to work in a highly confidential manner

Ability to work remotely and occasionally in a shared office environment (in Detroit)

Ability to work in a highly collaborative team environment using Microsoft Teams

Time Management Requires strong capability to prioritize competing demands, manage multiple concurrent tasks and run meetings on schedule

Project Management Project management skills required, including the ability to estimate work efforts, define work plans, delegate work, monitor progress and report schedule variances and scope changes; requires the ability to follow established internal PMO procedures and present project conclusions; proficiency in MS Project strongly preferred

Verbal Communication Requires the ability to compose and verbally deliver information of varying levels, using appropriate grammar, tone, inflection and non-verbal cues, while also listening to and correctly deciphering verbal communication delivered by others

Written Communication Requires the ability and capacity to communicate ideas, facts and data in writing using appropriate grammar, syntax and sentence structure including the ability to create technical documents

Analytical Thinking/Reasoning Requires the ability to understand a situation by breaking it apart into smaller pieces, and/or tracing the implications of a situation in a step-by-step causal way

Results Orientation Requires the ability to strive for optimal results by taking responsibility for timeliness, commitment to task and adherence to performance standards

Ethics/Integrity Requires the ability to behave in a trustworthy & transparent manner

Teamwork & Cooperation Requires the ability to work cooperatively with others and be part of a team

Self-Control Requires the ability to keep emotions under control and to restrain from negative actions or behaviors

Customer Service Orientation Requires the ability to understand and help/assist both internal and external customers and meet their needs

Flexibility/Adaptability Requires the ability to adapt to and work effectively within a variety of situations, individuals or groups, as well as understand and appreciate different and opposing perspectives

Conceptual Thinking Requires the ability to understand a situation or problem by putting the different pieces together to see the bigger picture

Interpersonal Understanding Requires the ability to understand other's feelings and concerns, and to value individual differences in people

Organizational Commitment Requires the ability and willingness to align his/her own behavior with the needs, priorities and goals of the organization

Relationship Building Requires the ability to effectively build and maintain friendly, warm relationships or networks of contacts with clients/customers

Assertiveness Requires the ability and intent to appropriately display assertive behaviors to ensure others follow and comply with given directions

Preferred

One or more of the following certifications is desirable (or relevant): ITIL - Information Technology Infrastructure Library, ISSAP - Information Systems Security Architecture Professional, CISA - Certified Information Systems Auditor, CISM - Certified Information Security Manager, CRISC - Certified Risk and Information Systems Control, Cybersecurity Audit Certificate, ISO Lead Auditor Certification