CISSP

JOB SUMMARY

Work independently to apply business insight and technical expertise within the area of information security for electronic and non-electronic means of storing, accessing, and exchanging information. Participate in a highly collaborative and diverse environment working closely with partners throughout the company and with the information-security professional community of practice.

ESSENTIAL DUTIES

• Perform analysis to assess potential and actual risks, threats, and vulnerabilities that pertain to the protection of company a) information that

is proprietary, confidential and/or otherwise requires protection from unauthorized access, and b) electronic devices upon which the company or its associates rely, for business purposes, to be free from compromise in availability, reliability and security.

• Identify and implement solutions and the definition of corporate policies to

protect corporate information and electronic devices, including use of

techniques such as business practices, electronic controls, compliance

monitoring, and enforcement

• Assess individual devices (servers, workstations, laptops, smartphones, network devices, etc.), departments, and network segments for security risks and standards compliance

• Review and inform company stakeholders on vulnerability reports

• Understand and develop procedures to regulate access to computer data files and prevent unauthorized modification, destruction, and disclosure of information

and maintain role-based access controls (RBAC).

• Work with service desk and development staffs to request programming changes. Plan data security for new or modified software, accommodating issues such as associate data access needs and risk of data loss or disclosure.

• Conduct security training, prepare data-use records for administration, answer questions in regards to computer security from both internal and external

sources and audits unusual request for computer access or account changes

• Establish and maintain change and project management to support transition processes and constructing quality work plans and deliverables to meet

communicated deadlines

• Research issues, problems or data security breaches and develop solutions to that are rare and unusually complex and creates new methods or

processes

MINIMUM QUALIFICATION REQUIREMENTS

Education

Bachelor’s degree or, equivalent of education and experience sufficient to successfully perform the essential functions of the job may be considered.

Experience

Minimum 7 years’ experience

• Experience with the architecture associated with identity management systems

• Experience with the implementation of encryption software

• Experience with security information and event management systems

• Experience implementing technical solutions in support of a defense-in-depth strategy

Skills

• Advanced knowledge of the techniques used to cause, detect and prevent or remediate security problems and end-user devices, computers and network systems

• Demonstrated skill in performing post-incident computer forensics without destruction of critical data

• Sufficient technical expertise to recognize the applicability of emerging technologies to Terumo BCT’s business needs and to direct evaluations, cost/benefit analyses, and implementations of new technology

• In-depth knowledge of security standards and experience in their implementation

• Ability to design, implement, operate and maintain technical solutions to information security-related problems

• Advanced knowledge of business protection systems and technology associated with information security

• Ability to perform vulnerability assessments using Tenable Nessus or other vulnerability software

• Advanced knowledge of information security best practices and regulations

• Knowledge on security best practices and technologies related to cloud computing

• Ability to install and configure security software in computer networks

• Knowledge and use of relevant PC software applications and skills to use them effectively

• Demonstrated ability to communicate effectively both verbally and in writing

Nice to Have –

Experience with FDA, ISO, NIST or HIPPA security regulations

Experience with PCI or PHI

Netscope or CASBY experience is big plus

About Actalent

Actalent is a global leader in engineering and sciences services and talent solutions. We help visionary companies advance their engineering and science initiatives through access to specialized experts who drive scale, innovation and speed to market. With a network of almost 30,000 consultants and more than 4,500 clients across the U.S., Canada, Asia and Europe, Actalent serves many of the Fortune 500.

Diversity, Equity & Inclusion

At Actalent, diversity and inclusion are a bridge towards the equity and success of our people. DE&I are embedded into our culture through:

Hiring diverse talent

Maintaining an inclusive environment through persistent self-reflection

Building a culture of care, engagement, and recognition with clear outcomes

Ensuring growth opportunities for our people

The company is an equal opportunity employer and will consider all applications without regard to race, sex, age, color, religion, national origin, veteran status, disability, sexual orientation, gender identity, genetic information or any characteristic protected by law.

If you would like to request a reasonable accommodation, such as the modification or adjustment of the job application process or interviewing process due to a disability, please email actalentaccommodation@actalentservices.com (%20actalentaccommodation@actalentservices.com) for other accommodation options.