Internal Risk Manager- Remote
This is an exciting opportunity for a passionate and experienced security risk professional to practice their craft to design the program to ensure our people are operating securely and to contribute and, in many cases, lead the programs to mitigate risk caused by employees. As one of the most trusted brands in cybersecurity for decades, McAfee is in the early stages of its journey as a pure-play consumer-focused company. We are looking for a highly collaborative builder to join an established security team that is transitioning to support our new McAfee to achieve its grand challenge of de-risking the digital lives of individuals and families across the globe. Come join your security teammates in our mission to make life online safer so that our customers can live the connected lives they want, without compromise!
This is a remote role based in the United States. We are only considering candidates based in the United States and are not offering relocation at this time.
About the Role:
The employee risk manager is accountable for driving the programs required to identify and respond to risk caused by our employees, either accidentally or maliciously. This includes leading the deterrence and recovery aspects of our Insider Threat Program and working with our threat team to contribute to all other aspects of insider threat as needed; driving our training and awareness program to build secure behaviors into our employees’ daily lives; working with our risk team to identify and drive risk mitigation; work with the cloud security team to identify where employee behavior could create issues and drive change; engage in other key programs as we mature security throughout the organization. This role will report to the Deputy CISO and will be an individual contributor. We are looking for a builder, influencer, and change agent who loves a problem and wants to work across organizational boundaries to fix it; whose persistence in solving it is only exceeded by their resourcefulness and patience. Are you looking for a continuously evolving, enterprise security, role that can educate thousands of employees responsible for protecting over 80 million clients? Then come join McAfee’s Office of the CISO.
Design and drive the Deterrence and Recovery components of our Internal Threat Program
Identify risks related to insider threats and implement appropriate mitigations. This may include bringing on new technologies, training, writing blogs
Work with teams across the organization on recovery strategies including business continuity plans and disaster recovery testing.
Design and drive McAfee’s employee awareness program based upon an agreed set of outcomes and measurements to reduce risk caused by employees
Work with vendors to create, assign and track training for all employees
Drive reductions in phishing click rates and increases in reporting rates through a world class phishing simulation program
Spread awareness of the program across the organization and capitalize on opportunities to achieve outcomes, e.g., SDL training
Run ad-hoc competitions/gamification for awareness eg: Phishing Derby/Hackathon
Write blogs and sponsor knowledge sharing sessions
Promoting a risk-smart and security-wise culture
Continuously identifying, prioritizing, and creating multi-channel awareness campaigns to mitigate top risks
Enhance the security team’s brand through maintaining the internal SharePoint site and uploading information on emerging and trending threats, as well as contributing to on-going communications
Measure success of programs through designing, tracking, and reporting on success measures
About You:
Bachelor’s degree and 6 years of work-related experience; or Master’s degree and 4 years of work-related experience; or 8 years of equivalent work-related experience
Passion for security – SSAP, CISSP, or applicable work experience
Strong project management and prioritization
Strong writing skills
Strong Influence and collaboration skills
Minimum five years related work experience with three years’ experience in IT security or application development
Undergraduate degree in related field or equivalent combination of training and experience
Preferred security certification such as ISC2 CISSP, GIAC Security, Essentials Certification (GSEC), GIAC Penetration Tester Certification (GPEN), GIAC Web App Pen Tester (GWPN), or Certified Ethical Hacker (CEH)
Ability to effectively communicate, both orally and in writing, and an ability to grasp conceptual ideas and exercise original thought where there is an established time limit for deliberation, consultation, and evaluation, and to present well-considered and sound suggestions
Ability to plan, organize, and direct team/task force efforts across organizational lines, including the ability to monitor progress to ensure that realistic objectives and milestones are established, to clearly assign responsibilities, and to accomplish mission requirements in a timely manner
#LI-Remote
McAfee is a leader in personal security for consumers. Focused on protecting people, not just devices, McAfee consumer solutions adapt to users’ needs in an always online world, empowering them to live securely through integrated, intuitive solutions that protects their families and communities with the right security at the right moment.
We work hard to embrace diversity and inclusion and encourage everyone at McAfee to bring their authentic selves to work every day. We offer a variety of social programs, flexible work hours and family-friendly benefits to all of our employees.
We’re serious about our commitment to diversity which is why McAfee prohibits discrimination based on race, color, religion, gender, national origin, age, disability, veteran status, marital status, pregnancy, gender expression or identity, sexual orientation or any other legally protected status.
For Colorado Residents the starting salary for this position is $120,000.00. McAfee takes into consideration an individual’s skillset and experience in making salary determinations. For further details, please discuss with the Talent Acquisition Partner.
br{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> Responsibilities: IT Network Operations or designee, responsible for the design, implementation, administration, and support of...
Apply For This JobJob Description The Hospital / Institutional Customer Representative is a key member of the Hospital Customer Team and plays a...
Apply For This Jobbr{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> Job Description An experienced Agile Scrum Master is needed to work on a large-scale software...
Apply For This Jobbr{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> At Edward Jones, we help clients achieve their serious, long-term financial goals by understanding their...
Apply For This Jobbr{display:none;}.css-58vpdc ul > li{margin-left:0;}.css-58vpdc li{padding:0;}]]> Interested in working with one of the markets leading manufacturers? Greenheck Group is a leading...
Apply For This JobJob Description Position Description: Director / Program Lead This position provides oversight and leadership of clinical program execution. In this...
Apply For This Job