Information Security Risk Specialist, MariBank

Job Description

• Risk Identification and Assessment: Conducting enterprise-wide security risk assessments, maintaining a risk register, and evaluating the likelihood and impact of potential security threats.
• Third-Party Risk Management: Reviewing security posture of vendors and partners through questionnaires and audits (e.g., SOC reports)
• Security Policy Compliance: Developing and enforcing security policies, standards, and best practices to ensure compliance with regulatory requirements. Familiarity or experience with ISO 27001, NIST, PCI DSS, and / or local BSP regulations.
• Vulnerability Assessment and Mitigation: Identifying IT system vulnerabilities, analyzing risk level, and recommending remedial action to technical teams.
• Reporting and Communication: Presenting risk data, metrics, and mitigation strategies to management and leadership teams.
• Security Education: Providing security awareness training to employe...