Posted in Other 30+ days ago.
This job brought to you by Careerbuilder
Working independently, the Senior Advanced Analyst, Security Governance, Risk and Compliance enables the business through delivery of IT Security Risk Management. Accountable for maintaining a secure organization through strategic alignment, this position will identify current/emerging security risks throughout the evaluation of new corporate initiatives and will work collaboratively with IT and the business to provide security subject matter expertise to ensure those risks are appropriately assessed and mitigated. This role is generally characterized by a moderately high level of scope, a moderate level of complexity, and a high level of independent decision making.
ESSENTIAL JOB DUTIES AND RESPONSIBILITIES*.
* Demonstrates expertise performing IT Risk & Security assessments and recommending information security solutions to assist businesses with the assessment and improvement of their security infrastructure and applications
* Perform technical security risk assessments around:
o New business projects and initiatives
o Infrastructure architecture and design
o Emerging technologies
o Secure systems and application development
o Vendor/3rd party security
o IT regulatory and PCI compliance
* Manages the information security risk treatment process and presents findings to the risk review board
* Identifying and evaluating business and technology risks, internal controls which mitigate risks, and related opportunities for internal control improvement
* Ability to translate business needs and regulatory requirements into cost effective and risk appropriate controls
* Demonstrates expertise with assessing and recommending enterprise security solutions in adherence with industry and regulatory security standards
* Demonstrate a strong understanding of the IT security landscape, including emerging risks and security solutions.
* Create, develop, and sustain productive business relationships internally and externally
* Makes actionable recommendations to other members of GameStop's leadership team related to overall security risk.
* Manage relationships in a manner acceptable to others and to the organization; adhere consistently with all organizational policies related to our respectful workplace
* Demonstrate a high level of emotional intelligence, including the ability to manage conflict effectively
* Demonstrate a consistent commitment to field-focused service by prioritizing field-based requests, responding quickly and favorably to field-based feedback, by minimizing tasks, and proactively seeking ways to help store teams focus on customer service as productively as possible
* Work collaboratively with others within and outside of his or her function to achieve goals, simply processes, reduce costs, prevent loss, and to ensure that work is completed safely, accurately, and on time
* Model the behaviors expected of all GameStop leaders including, but not limited to, a drive for results, with a demonstrable bias for action; high levels of emotional intelligence, maturity, and professionalism; giving, receiving and responding to feedback effectively; a consistently high service orientation; and demonstrable commitments to diversity, inclusion, a respectful workplace, and integrity
* Drive outstanding business results through traditional management functions including, but not limited to, sourcing and selecting talent, coaching and development, workforce and project scheduling, performance assessment, and general talent planning
* Create a productive, collaborative work environment by developing a common vision, setting clear objectives, facilitating teamwork, recognizing and rewarding outstanding performance, encouraging risk tolerance, and maintaining open communications
* Build organizational capability through continuous improvement activities; originate action to improve existing conditions and processes; identify improvement opportunities, generate ideas, and implement solutions
* Identify, track, and report meaningful performance/progress metrics, and support the team with achieving performance goals
* Actively build the capability of others through relevant, timely balanced feedback; coaching and teaching, encouraging mentoring relationships; and using recognition and rewards to reinforce desirable behaviors
* Customer Focus - Makes internal and external customer needs the primary focus of one's actions; develops and sustains productive customer relationships
* Drive for Results and Accountability - Consistently maintains high levels of productivity; works with vigor, effectiveness, and with a consistent focus on objectives
* Building a Successful Team - Uses appropriate methods and a flexible interpersonal style to help build a cohesive team; facilitates the completion of team goals
* Building Strategic Partnerships - Identifies opportunities and takes action to build strategic relationships between one's area and other areas, teams, departments, units or organizations to help achieve business goals
BASIC AND PREFERRED QUALIFICATIONS (EDUCATION and/or EXPERIENCE)
* Accredited bachelor's degree in technology, business administration, or similar business discipline; or any equivalent combination of experience and skills required
* 7+ years of professional experience, with 5+ years of experience in information security and/or IT risk management required
* Demonstrates knowledge of information security standards: ISO, NIST, SANs, etc. required
* Industry experience with a retail organization preferred
* Certified Information System Security Professional (CISSP) certification preferred
* Certified in Risk and Information Systems Control (CRISC) certification or equivalent risk management certification preferred
MINIMUM QUALIFICATIONS, JOB SKILLS, ABILITIES
* Ability to remain flexible and adapt to changing priorities with promptness, efficiency and ease
* Demonstrates an ability to work in a collaborative environment and influence others
* Able to assess information security programs including organizational design and key process/procedures.
* Analysis, development and implementation of security policies, standards and guidelines.
* Expert relationship building skills, including the capacity to predict and manage behavior, build and leverage cross-functional partnerships within and outside of the organization, and leverage influential leadership
* Proficient ability to communicate effectively with others using spoken and written English
* Expert ability to manage emotionally-charged disagreements through consensus building, relationship management, and the formation and presentation of logical, data-based arguments
* Expert ability to interpret large amounts of data and to make profitable, sustainable business recommendations.
* Proficient understanding of strategic business development, including goal creation, talent alignment, and cross-functional collaboration.
* Proficient understanding of budgeting and resource allocation
* Ability to work under demanding time constraints and production goals with an understanding of conflict management and resolution
* Proficient project planning skills, including the ability to organize, prioritize and control job responsibilities in order to meet deadlines in an environment with multiple evolving, overlapping, and potentially conflicting priorities.
* Ability to remain effective under stress, and respond to pressure in a manner acceptable to others and to the organization
* Ability to positively model the organization's commitment to integrity, diversity, inclusion, and maintaining a respectful workplace
* Ability to effectively hire, develop, guide, and coach others in order to produce a successful team
* Encourages diverse and entrepreneurial thinking in an environment in which people are comfortable taking appropriate risks and learning from any mistakes that they make
* Proficient understanding of the principles of giving and receiving feedback effectively
* Expert understanding of change management strategy and practice
* Consistently demonstrates a commitment to GameStop policies and procedures, including but not limited to, attendance, confidentiality, conflict of interest, and ethical responsibilities