Description
The IT Risk team functions include assessing and mitigating risk through internal risk assessments and risk assessments for 3rd party vendors, providing client sales management services, providing security awareness training, maintaining the phishing awareness program, and developing and maintaining IT policies and procedures. Secondary responsibilities include delivering security recommendations for business and technology initiatives and security awareness month coordination.
RESPONSIBILITIES
- Communicate risks in a meaningful way to business units unfamiliar with security
- Perform risk assessments for business and technology initiatives such as new vendors and supporting software
- Become a SME and leader for many of the ongoing processes involving vulnerability scanning, reporting, and risk assessment
- Deploy phishing awareness training and simulations enterprise-wide and report metrics
- Reporting of program key performance indicators and metrics
- Collaborate with corporate communications on security communication initiatives
- Provide security recommendations to system and technology owners.
- Assist in developing IT security and compliance trainings.
- Assist in coordinating security awareness month training and activities.
- Maintain and update policies and procedures related to IT and regulatory compliance.
- Provide compliance sales management services.
- Review critical vendors on a recurring cycle.
Qualifications
Education/Certification:
- Bachelor's Degree required, CS, MIS or related field preferred
Experience:
- 5+ years of IT risk management, IT audit or regulatory compliance
PREFERRED QUALIFICATIONS
Education/Certification:
- Industry Certification (CISA, CRISC, CISM, CISSP, etc.) preferred
Skills/Abilities:
- General knowledge of risks associated with cloud and on-premise technology
- Familiarity with GRC tools, particularly as it relates to vendor risk management
- Phishing and social engineering principles
- Open-source software assessment and scanning
- Knowledge of containerization technology and security principles
- Strong analytical and problem-solving skills
- Highly responsive with an ability to handle escalations quickly and professionally
- Excellent written and verbal communication skills
- Strong research skills and willingness to seek information
- Maintain effective working relationships with supervisor and coworkers
- Interpret and apply laws, regulations, and policies
- Overcome hurdles that arise around applying security mitigations and controls through collaboration and communication.
Paycom is an equal opportunity employer and prohibits discrimination and harassment of any kind. Paycom makes employment decisions on the basis of business needs, job requirements, individual qualifications and merit. Paycom wants to have the best available people in every job. Therefore, Paycom does not permit its employees to harass, discriminate or retaliate against other employees or applicants because of race, color, religion, sex, sexual orientation, gender identity, pregnancy, national origin, military and veteran status, age, physical or mental disability, genetic characteristic, reproductive health decisions, family or parental status or any other consideration made unlawful by applicable laws. Equal employment opportunity will be extended to all persons in all aspects of the employer-employee relationship. This policy applies to all terms and conditions of employment, including, but not limited to, hiring, training, promotion, discipline, compensation benefits, and separation of employment. The Human Resources Department has overall responsibility for this policy and maintains reporting and monitoring procedures. Any questions or concerns should be referred to the Human Resources Department. ****To learn more about Paycom's affirmative action policy, equal employment opportunity, or to request an accommodation - Click on the link to find more information: paycom.com/careers/eeoc
Apply on company website
Find Connections via Linkedin
