Cybersecurity Risk and Compliance Assessor

HP, Inc.
Published
May 26, 2021
Location
Austin, Texas
Job Type
Page Views
18

Description

Job Description:

As the world around us becomes more connected and more digital, there are increased opportunities for fraud and disruption due to cybersecurity attacks.  The need for companies, products, and services to be secure is more important than ever in this constantly changing landscape.

Are you passionate about keeping good people safe from bad actors?  We are too!  We are HP Cybersecurity and we are tasked with the security of the HP enterprise.  As HP continues our digital transformation, the work of the cybersecurity professional is never complete and is always interesting.  Come be a part of making a difference with us!

The Cybersecurity Risk and Compliance Assessor identifies, documents and communicates cyber security risks and/or compliance gaps for HP assets utilizing defined assessment processes and risk management methodologies.  The scope of assessments potentially includes Customer service delivery environments, internal IT environments, third parties and E-commerce environments. This role also contributes to and/or leads continuous process improvements to enhance HP’s cyber security GRC capabilities.

What a Cybersecurity Risk Assessor does at HP:

  • Scopes, manages, and performs cyber security risk and/or compliance assessments.

  • Maintains the risk register for all assessed assets utilizing eGRC/IRM solution.

  • Works with and supports IT and business stakeholders to ensure accurate asset inventories are maintained.

  • Provides risk mitigation/remediation guidance and support to stakeholders.

  • Maintains and enhances threat models applied to identified assets.

  • Supports internal and external audits.

  • Contributes to and/or leads the continuous improvement and maturation of GRC practices.

Individuals who thrive in this role at HP, typically have:

  • Bachelor’s degree (required, preferably in computer science, engineering or related area of study, or equivalent experience)

  • 6+ years of relevant experience, including conducting risk and compliance assessments.

  • Technical Cyber Security Certification through one of the recognized bodies preferred: SANS, ISACA, (ICS)2, CompTIA, Cisco, CERT; PMP a plus.

  • Solid working knowledge of industry frameworks and standards, including ISO27001/27002/27005, NIST CSF, NIST 800-53, SOC2, PCI-DSS, SIG.

  • Knowledge of common GRC processes, including risk management, exception to policy, policy management, controls management/mapping, auditing.

  • Solid project management skills.

  • A mindset of continuous growth, curiosity, and asking WHY?

About the team:

The Cybersecurity Governance, Risk Management and Compliance team is a key pillar of the Cybersecurity organization responsible for protecting the HP Enterprise against cyber threats.  The GRC team is a diverse group of cyber security professionals who collaborate with all disciplines within Cybersecurity as well as business and functional stakeholders as trusted advisors to effectively manage cyber security risks to the business.

About HP:

You’re out to reimagine and reinvent what’s possible—in your career as well as the world around you.

So are we. We love taking on tough challenges, disrupting the status quo, and creating what’s next. We’re in search of talented people who are inspired by big challenges, driven to learn and grow, and dedicated to making a meaningful difference.

We are 55,000 HP employees, united in creating technology that makes life better for everyone, everywhere. Interested in joining us? Let’s talk.

Related Jobs