HP, Inc. Cyber Security Risk Assessor in Fort Collins, Colorado
Job DescriptionThe HP Cybersecurity Risk Assessor is responsible for end-to-end cybersecurity risk management, including risk identification, analysis andevaluation, identifying remediation requirements, and tracking associatedrisks. Assessment targets include third parties/service providers, as wellas internal business assets. In addition to conducting risk assessment, theRisk Assessor drives continual Risk Management process and tool improvements.The position reports to the Cybersecurity Risk Manager and works closely withteams across Cybersecurity, IT, Privacy, Legal, Procurement, andBusinesses to help protect HP's assets.ResponsibilitiesEnsure timely execution of assigned risk assessments.Identify issues and root causes including oversight and facilitation of riskmitigation plans in alignment with HP Policy and StandardsPartner with management stakeholders (including at minimum: BusinessUnits, Supply Chain, IT, Enterprise Risk Management, Procurement) toeffectively drive effective, proactive risk management.Prepare and present risk management reports, scorecards, and briefings asrequiredReview key metrics and overall performance with internal stakeholders andthird partiesSupport internal and external audit readinessMonitor regulatory changes, corporate updates, and geo-political changesand ensure HP cyber security complianceSupport the development and implementation of HP Policy, standards,guidelines, tools, and documentation for consistent execution of riskmanagement activitiesDrive development, implementation and integration/automation of riskmanagement tools and processesQualificationsBachelor's Degree in Information Security, Cyber Security, or related6 years cyber security experienceDemonstrated experience conducting risk assessments, including internalinformation assurance and third party providersExperience analyzing SOC reports, application testing reports, SAQ'sExperience with risk management frameworks, methodologies and toolsStrong Governance, Risk and Compliance backgroundUnderstanding of ISO 27001/27002/27005, NIST Cybersecurity Framework,PCI DSS, COBIT, and ITIL frameworks, OWASP, pen testing.Experience utilizing API's to enable integration/automation across toolsExperience developing workflowsExperience with data analytics toolsCRISC certification required; CISSP, CCSP highly desirable; CISA, CISMdesirableExcellent interpersonal, written, and oral communication skillsAbility to work in a team as well as independently, in a fast-paced,multi-tasking, global environmentExcellent prioritization and multitasking capabilitiesHighly-motivated self-starter who demonstrates initiativeDesired Skills and ExperienceHands-on coding/development exposure is desired, but not required.Responsibilities may vary over time and include, but are not limited to,those listed.HP is ranked among the Top Companies to work. Among the recognitionsinclude, One of the World's Most Attractive Employers by UniversumGlobal, One of the Top Companies for Women Technologists by Anita BorgInstitute, One of the Top 10 Fortune 500 Companies Millennials are mostexcited to work for by SurveyMonkey, and Working Mother 100 Best Companiesfor 27 years. Furthermore, HP has received two consecutive Diversity LeaderAwards from Profiles in Diversity Journal. HP was also awarded the Gold Medalby World Environment Center for International Corporate Achievement inSustainable Development.HP Inc. is EEO F/M/Protected Veteran/ Individual with Disabilities.