Cybersecurity Assessor Specialist
The Operational Assurance and Compliance (OAC) team provides oversight, support and monitoring to address risk and meet regulatory, contractual and best practice requirements. OAC is part of the Global InfoSec team. This position will require an understanding of cybersecurity and IT from both a business and technical perspective. The successful candidate will work with various teams within IT, InfoSec, Sales, Product and Response Management.
This position will perform assurance and compliance activities to measure the effectiveness of cybersecurity and IT operational controls and processes through testing controls, identifying gaps and tracking items to resolution.
Specific Job Duties:
- Perform risk assessments and control testing in cybersecurity and IT-related security areas.
- Prepare gap analyses from the results of risk assessments.
- Work with stakeholders to maintain the remediation plans and produce periodic status reports.
- Support the Response Management team in responding to customer risk assessments and questionnaires.
- Work closely with technical teams to build consistent and accurate responses for the Response Management team.
- Working with the Response Management team, manage the customer risk assessments and questionnaire deliverables within InfoSec and IT, ensuring completion by the assigned deadlines.
- Support the Response Management team in tracking to completion action items raised during customer risk assessments and audits.
- Develop and maintain a virtual data library for relevant content for customer audits and queries.
- Review and update relevant virtual data library content at least annually.
- Create consistent cybersecurity content that can be utilized across customers and products and addresses relevant gaps.
- Bachelor's degree, or equivalent prior work experience.
- General knowledge and work experience within Information Security, risk, vulnerability and IT would be an advantage.
- Cross organization experience preferred.
- Understanding of SOC Compliance and other industry control frameworks.
- Relevant certifications (CISA, CRISC, CISSP, CISM, etc.) desired.
- Good interpersonal skills and ability to work across various organizations and levels.
- Understanding of a shared services model.
- Process oriented with exceptional organizational skills.
- Must be able to work effectively in a matrix organization and foster team cooperation.
- Ability to work effectively both independently and as part of a team.
- Desire to learn about and stay current with a complex and rapidly changing environment.
- Problem-solving skills, creative and collaborative in finding solutions related to complex and multilayered problems.
- Critical thinking with the ability to use logic and reasoning to identify strengths and weaknesses of alternative solutions, conclusions or approaches.
- Ability to work in a geographically dispersed team and independently with minimum supervision.
- Attention to detail
- O365 and Microsoft Office Suite, particularly Excel
- Direct program/project coordinator experience a plus
Travel: Less than 20% travel may be required.
IHS Markit is committed to providing equal employment opportunity (EEO) to all persons regardless of age, color, national origin, citizenship status, physical or mental disability, race, religion, creed, gender, sex, sexual orientation, gender identity and/or expression, genetic information, marital status, status with regard to public assistance, veteran status, or any other characteristic protected by the laws and regulations in any of our locations.
We are proud to provide reasonable accommodations to applicants with disabilities. If you are interested in applying for employment with IHS Markit and need special assistance or an accommodation to use our website or to apply for a position, please contact or call +1 212 849 0399. Determinations on requests for reasonable accommodation are made on a case-by-case basis. This contact information (email and phone) is intended for application assistance and accommodation requests only. We are unable to accept resumes or provide information about application status through the phone number or email address above. Resumes are only accepted through the online application process, and only qualified candidates will receive consideration and follow-up.
IHS Markit maintains a substance-free workplace. In addition, in the United States, we perform pre-employment drug testing and are required as a federal contractor to participate in the E-Verify Program to confirm eligibility to work.
Current Colleagues
If you are currently employed by IHS Markit, please apply internally via the Workday internal careers site.