Senior Information Security Engineer – Control Management

Genesis10 is currently seeking a Senior Information Security Engineer with our client in the financial industry located in Columbus, OH, Iselin, NJ , Westlake, TX, and Chandler, AZ. This is a 24 month contract position.
Responsibilities:
Collaborate with, guide and counsel Critical Infrastructure process and control owners for Control Assurance requirements, including identifying where controls reside, oversight of control documentation changes, evaluating effectiveness and functioning as liaison to control assurance teams in 1st and 2nd Lines responsible for Testing
Ensure a proper Critical Infrastructure profile of applicable regulations and associated controls as well as residual risks and compensating controls are maintained and continuously updated in appropriate systems of record on an ongoing basis
Establish the inventory of all relevant business processes, governance channels, internal testing, audit, regulatory engagements and prioritize internal preparation, review routines and the integration with RCSA as applicable
Establish regular routines with corporate risk, testing & validation and audit partners to provide transparency into business risk profile and trend
Conduct risk assessments to evaluate the adequacy and effectiveness of policies, procedures, processes, systems, technology, and internal controls
Provide reporting, written and verbal updates to Secure Network Services Leadership and Enterprise risk committees as issues/incidents arise that require escalation
Deploy automation strategies for encryption, tokenization and key management products and services including Hardware Security Modules, security appliances and security applications deploying in physical, virtual and containerized environments
Provide technical guidance and oversight to teams and team members responsible for product delivery and operational maintenance
Support company driven audits, gather evidence of compliance to company policies, and drive product enhancements, when needed, to remediate findings
Conduct technical investigation of incidents to identify causes and recommend future mitigation strategies
Support incident response, root cause analysis and corrective action activities
Requirements:
2 years of Risk Management or Financial Services Industry experience, or equivalent experience demonstrated through one or a combination of the following: work experience, training, military experience, education
2 years of Information Security Engineering experience, or equivalent demonstrated through one or a combination of the following: work experience, training, military experience, education
2 years of intermediate to advanced level experience with scripting/automation using tools such as: Bash, PowerShell, Python, Ansible, VBScript, or JavaScript, UI path, etc
2 years of Linux and Windows server experience
Knowledge of Cryptographic protocols & algorithms
Knowledge and understanding of implementing infrastructure upgrades, security patches, version upgrades for systems, appliances and HSMs
Experience with Agile Scrum or Kanban methodologies
Proven experience with change and incident management practices in medium to large enterprise environments
Desired Qualifications:
Technical understanding of specific business operations, processes, products, and customer interactions where they manifest risk
Demonstrated capacity to pro-actively and independently analyze and solve problems and address risks with the business units risk appetite and all risk and compliance program requirements
Experience with DevOps and CI/CD automated build and deployment processes
Experience with application support in Linux and Windows server environments
Experience mentoring/guiding less experienced staff
Strong a