Senior Cybersecurity Risk Consultant
2 weeks ago
Step into a transformative technology career with a leading organization.
Southern Glazer's Wine & Spirits stands as North America's foremost distributor of wine and spirits, backed by a family-owned legacy that spans over 50 years.
To usher in a new era in the beverage industry, we are significantly investing in innovative technologies and seeking the brightest tech talent.
Recognized by Newsweek as a Most Loved Workplace and featured on Forbes' lists for Largest Private Companies and Best Employers for Diversity, we take pride in our culture.
As a full-time team member, you will have access to an extensive array of our Top Shelf Benefits, which include comprehensive medical and prescription drug coverage, dental and vision plans, tax-saving Flexible Spending Accounts, disability coverage, life insurance, and a 401(k) plan.
We are committed to continuous learning and career advancement in a dynamic environment where your contributions are valued, your opinions matter, and technology is integral to our success.
Overview
The Senior Cybersecurity Risk Consultant is tasked with evaluating IT risks both internally and with third-party vendors to safeguard SGWS data and information.
This role requires extensive expertise in information security risk and third-party risk management, alongside familiarity with the various technologies utilized within the organization.
Collaboration with all IT sectors, including Infrastructure, Application Development, Database, Network, Security Operations, and IT Compliance, is essential.This position reports directly to the Information Security Risk Manager.
Primary Responsibilities
Risk Management
Serve as a subject matter expert in Information Security Risk Management.
Assist the Information Security Risk Manager in developing and maintaining the risk hierarchy, risk taxonomy, and risk register.
Oversee established risks within the IT organization and report on the effectiveness of associated mitigating controls.
Collaborate closely with the Information Security Governance and Compliance team and security leadership to ensure cybersecurity policies and practices are designed to mitigate risk effectively.
Engage with the Security Architecture team and participate in architecture reviews and project meetings to assess risk impacts on the organization.
Play a significant role in the implementation and ongoing maintenance of the ServiceNow Risk Management solution.
Third Party Risk Management
Manage all third-party relationships to ensure adequate controls are in place to protect SGWS data and information.
Assist the Information Security Risk Manager in developing, enhancing, and maturing the risk-based third-party assessment and continuous monitoring program within ServiceNow.
Conduct annual vendor risk management reviews of existing third parties based on established risk ratings.
Evaluate new third-party engagements, track issues to resolution, provide feedback on necessary security controls, and ensure contracts include Southern Glazers' required provisions.
Review SOC1 & SOC 2 Type 2 reports, vulnerability assessments, penetration test results, and other necessary documentation.
Travel to various office locations and third-party sites to conduct on-site security assessments as required.
Perform additional duties as assigned.
Preferred Qualifications
Master's degree in a related field is preferred.
Cybersecurity-related professional certifications such as CISSP, CISM, CREST Technical Security Architect, ISO Lead Auditor, CISA, etc., along with vendor certifications in Azure Cloud Technologies, networking, and other relevant technologies.
Experience in one or more of the following areas: implementing GRC/IRM tools (experience with ServiceNow GRC/IRM is a plus); OT/IOT/SCADA/ICS systems; large enterprise-wide transformation initiatives; experience in food, beverage, CPG, or distribution industries; prior experience in Audit and/or Operational Security roles.
Eight or more years of professional experience in Information Technology/Security, encompassing Third-Party Risk Management, IT Risk Management, cybersecurity, and governance, risk, and compliance (GRC).
Extensive knowledge of IT Risk Management processes and best practices.
Comprehensive understanding of Third-Party Risk Management processes and best practices.
Proficient in collaborating with diverse teams and fostering an enterprise-wide risk management culture.
Demonstrated project management, multitasking, and organizational skills.
Experience with various industry standards, including NIST Cyber Security Framework (CSF), NIST 800-53, ISO 27001 & 27002, Cloud Security Alliance (CSA), OWASP, TOGAF, IEC 62443, or CIS Benchmark.
Knowledge of IT systems, network security, application security, identity & access management, vulnerability management, endpoint security, and cloud environments (AWS, Azure, Salesforce, etc.).
Agile Delivery Values
Openness – Team and stakeholders agree to be transparent about all work and challenges.
Commitment – Personally commit to achieving the team's goals.
Respect – Value your team members as capable and independent.
Courage – Have the courage to do the right thing and tackle challenging problems.
Focus – Ensure everyone concentrates on the work in the sprint and the goals of the scrum team. Rise and fall as a team.
Physical Demands
Physical demands include considerable time spent sitting and typing/keyboarding, using a computer (e.g., keyboard, mouse, and monitor), or mobile device.
Occasional physical demands may include walking, bending, reaching, standing, squatting, and stooping.
May require occasional lifting/lowering, pushing, carrying, or pulling up to 20lbs.
EEO Statement
Southern Glazer's Wine and Spirits is an Affirmative Action/EEO employer, prohibiting discrimination and harassment of any type and providing equal employment opportunities to all employees and applicants without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
Southern Glazer's Wine and Spirits offers competitive compensation based on estimated performance levels consistent with the past relevant experience, knowledge, skills, abilities, and education of employees.
Unless otherwise expressly stated, any pay ranges posted here are estimates from outside sources and do not reflect Southern Glazer's pay bands or ranges.
Southern Glazer's Wine and Spirits is committed to providing equal employment opportunities to all employees and applicants and prohibits discrimination and harassment of any type without regard to race, color, religion, age, sex, national origin, disability status, genetics, protected veteran status, sexual orientation, gender identity or expression, or any other characteristic protected by federal, state, or local laws.
This policy applies to all terms and conditions of employment, including recruiting, hiring, placement, promotion, termination, layoff, recall, transfer, leaves of absence, compensation, and training.
-
Lead Cybersecurity Risk Consultant
2 weeks ago
Dallas, Texas, United States Echelon Risk + Cyber Full timePosition OverviewAbout Echelon Risk + Cyber: At Echelon Risk + Cyber, we are dedicated to safeguarding the fundamental rights to security and privacy. We are in search of a remarkable Lead Cybersecurity Risk Consultant to engage in the execution of Risk Advisory client projects. This role encompasses leading and executing pertinent tasks while contributing...
-
Cybersecurity Risk Consultant
2 weeks ago
Dallas, Texas, United States Jobot Full timePosition Overview:This role is focused on guiding organizations in understanding and mitigating their cyber risk exposure. As a Cybersecurity Risk Consultant, you will play a crucial part in helping clients establish a robust cyber risk management framework.Key Responsibilities:- Develop and maintain an in-depth understanding of our cybersecurity solutions...
-
Cybersecurity Risk Consultant
1 week ago
Dallas, Texas, United States Jobot Full timeJob Overview:This position is hosted by Jobot. We are seeking a dedicated Cyber Risk Advisor to assist our clients in understanding and mitigating their cyber risk exposure.About Us:At Jobot, we specialize in helping organizations assess their Cyber Risk Profile and implement strategies to reduce their vulnerability to cyber threats.Benefits:- Comprehensive...
-
Cybersecurity Risk Consultant
1 week ago
Dallas, Texas, United States Jobot Full timeAbout the Role:This position is hosted by Jobot. As a Cyber Risk Advisor, you will play a crucial role in assisting clients to comprehend their Cyber Risk Profile and mitigate potential threats.Key Responsibilities:Develop and maintain a deep understanding of our offerings and cyber risk management strategies.Guide newly onboarded clients in establishing a...
-
Cybersecurity Risk Consultant
2 weeks ago
Dallas, Texas, United States Jobot Full timeJob Overview:This position is hosted by Jobot. We are seeking a skilled Cyber Risk Advisor to assist our clients in understanding and mitigating their cyber risk exposure.About Us:At Jobot, we specialize in helping organizations identify their Cyber Risk Profile and implement strategies to reduce the likelihood of cyber attacks.Benefits:- Comprehensive...
-
Cybersecurity Risk Consultant
1 week ago
Dallas, Texas, United States Jobot Full timeJob Overview:This position is hosted by Jobot. We assist our clients in comprehending their Cyber Risk Profile and reducing their vulnerability to cyber threats.Benefits:- Comprehensive dental coverage- Health insurance options- Paid time off for personal needs- Reimbursement for travel expenses- Vision insurance plansKey Responsibilities:- Acquire and...
-
Cybersecurity Risk Consultant
2 weeks ago
Dallas, Texas, United States Jobot Full timeJob Overview:This position is hosted by Jobot. We assist our clients in comprehending their Cyber Risk Profile and in reducing their vulnerability to cyber threats.Compensation:Salary range: $130,000 - $175,000 per yearBenefits:- Dental insurance- Health insurance- Paid time off- Travel reimbursement- Vision insuranceKey Responsibilities:- Acquire and uphold...
-
Cybersecurity Risk Consultant
2 weeks ago
Dallas, Texas, United States Jobot Full timeJob Overview:This position is hosted by Jobot. Are you the right fit? We encourage you to apply by submitting your resume.Salary: $130,000 - $175,000 per yearAbout Us:At Jobot, we assist our clients in comprehending their Cyber Risk Profile and in reducing their vulnerability to cyber threats.Benefits:- Dental insurance- Health insurance- Paid time off-...
-
it cybersecurity specialist
2 months ago
Dallas, Texas, United States Cybersecurity And Infrastructure Security Agency Full timeTypical work assignments include:Maintains awareness of cybersecurity intelligence, threats, and operations. Supports regional incident support operations during critical cyber-related events. Tracks, analyzes, reports on, and helps deconflict critical data and information for steady-state activities, incident response operations, and analytical support...
-
Cybersecurity Consultant
6 days ago
Dallas, Texas, United States Bridge Technologies and Solutions Full timeJob DescriptionThe Bridge Technologies and Solutions team is seeking a highly skilled Cybersecurity Consultant to join our team. As a key member of our organization, you will play a critical role in ensuring the security and integrity of our systems and data.Key ResponsibilitiesDevelop and implement comprehensive security strategies to protect against cyber...
-
Senior Cybersecurity Engineer
2 weeks ago
Dallas, Texas, United States CDW Full timeCompany Overview: CDW is seeking a skilled senior cybersecurity engineer who is passionate about security and possesses extensive knowledge in the cybersecurity domain.Role Overview: In this position, you will enhance security by safeguarding system boundaries, fortifying computer systems and network devices against threats, and protecting sensitive...
-
Senior Risk Management Analyst
2 weeks ago
Dallas, Texas, United States The Intersect Group Full timeJob Overview:A Client of The Intersect Group is in search of a seasoned Senior Risk Management Analyst to enhance their risk oversight team within the second line of defense. This role will involve the coordination of IT/IS and Third-Party Risk Management (TPRM) committees. Key responsibilities will include organizing meeting logistics, gathering materials...
-
Lead Cybersecurity Engineer
2 weeks ago
Dallas, Texas, United States Echelon Risk + Cyber Full timeJob OverviewAbout Echelon Risk + Cyber: At Echelon Risk + Cyber, we are dedicated to safeguarding fundamental human rights related to security and privacy. We are seeking a highly proficient and seasoned Lead Cybersecurity Engineer to become an integral part of our innovative team at Echelon Risk + Cyber, a premier cybersecurity consultancy. The ideal...
-
Senior Cybersecurity Engineer
1 week ago
Dallas, Texas, United States CDW Full timeOverviewCDW is seeking a skilled senior cybersecurity engineer who is passionate about safeguarding information systems and possesses extensive knowledge in the security domain.Role ResponsibilitiesDevelop, sustain, and oversee the organization's cybersecurity framework.Design, implement, and monitor protective measures for computer systems, networks, and...
-
Senior Cybersecurity Engineer
2 weeks ago
Dallas, Texas, United States CDW Full timeOverviewCDW is seeking a skilled senior cybersecurity engineer who is passionate about security and possesses extensive knowledge in the field of information protection.Role ResponsibilitiesDevelop, maintain, and oversee the organization's cybersecurity framework.Design, implement, and monitor protective measures for computer systems, networks, and sensitive...
-
Senior Cybersecurity Engineer
2 weeks ago
Dallas, Texas, United States CDW Full timeOverviewCDW is seeking a skilled senior cybersecurity engineer who is passionate about security and possesses extensive knowledge in the field.Role ResponsibilitiesDevelop, maintain, and oversee the organization's cybersecurity framework.Design, implement, and monitor protective measures for computer systems, networks, and sensitive information.Advise the IT...
-
Chief Cybersecurity Officer
2 weeks ago
Dallas, Texas, United States augmentjobs Full timeJob OverviewPosition Summary:The Chief Cybersecurity Officer will lead the formulation and implementation of our cybersecurity framework, safeguarding our digital assets, data integrity, and technological infrastructure. This position requires collaboration with senior management to ensure that cybersecurity efforts are in sync with corporate goals, managing...
-
Dallas, Texas, United States UT Southwestern Medical Center Full timeAbout the RoleUT Southwestern Medical Center is seeking a highly skilled Senior Governance Risk and Compliance Analyst to join our Information Security team. This is a critical role that will play a key part in safeguarding sensitive hospital and university data.Key ResponsibilitiesDevelop, implement, and maintain compliance with established cybersecurity...
-
Cybersecurity Solutions Consultant
3 days ago
Dallas, Texas, United States Palo Alto Networks Full timeAbout the RoleWe are seeking a highly skilled Cybersecurity Solutions Consultant to join our team at Palo Alto Networks. As a key member of our Solutions Consulting team, you will work closely with large organizations around the world to protect their digital environments.Key ResponsibilitiesTechnical Leadership: Provide technical guidance and expertise to...
-
Senior Cybersecurity Engineer
2 weeks ago
Dallas, Texas, United States CDW Full timeCompany OverviewCDW is seeking a skilled and experienced senior cybersecurity engineer who is passionate about safeguarding systems and possesses extensive knowledge in the security domain.Role OverviewIn this position, you will enhance security measures by fortifying system boundaries, ensuring computer systems and network devices are resilient against...