At Northwestern Mutual, we are strong, innovative and growing. We invest in our people. We care and make a positive difference.
What's the role?
Northwestern Mutual is looking for Security Assessment Consultant to join the Security Assessments Team to focus on security engineering assessments and threat modeling work.
Accountable for defining and operating processes to provide ongoing monitoring and assessment of control coverage and effectiveness in order to ensure compliance with information protection policies and standards.
Developing Threat Models that enumerate cybersecurity threats, documenting and verifying the existing controls and identifying if additional mitigating controls are required.
Assessing and evaluating complex processes and controls in order to determine compliance with information protection policies and standards, and ensure effective management of risk.
Consulting and advising on large, complex and ambiguous efforts on the appropriate design of information protection controls and control monitoring in order to align with information protection policies and standards, and demonstrate ongoing compliance with information protection policies and standards.
Providing domain expertise for the information risk management program which may include: evaluating vendor security and risk posture, advising on purchase and investment decisions, establishing appropriate monitoring, and evaluating operational effectiveness of information protection controls, and noncompliance issues.
Defining and operating processes to document, report, and manage findings, exceptions to standards, and identified risks to ensure that appropriate action plans are created and executed to remediate gaps, deficiencies, and risks.
Leading, coaching, and mentoring the engineering community and other team members on aspects of the information risk management program and specific processes to ensure behaviors and outcomes that support information protection, privacy, and data security, and drive consistency, quality and productivity of deliverables.
Developing action plans to support departmental and corporate strategy.
Bring your best! What this role needs:
Bachelor's degree with an emphasis in Computer Science, Computer Engineering, Software Engineering, MIS or related field; or related work experience beyond the minimum required.
One or more advanced risk or security certifications (e.g. CISSP, CRISC, CISA, CISM, CCSP, FAIR).
Four or more years of experience in information systems or systems audit with a demonstrated knowledge in technologies and processes
Demonstrated ability to design and implement IT general controls
Ability to assess designs for risk and control gaps and recommend remediation approaches
Demonstrated ability to lead, coach and mentor other team members
Strong ability to independently identify and resolve critical and complex issues through effective problem solving skills
Solid ability to maintain and strengthen relationships; ability to effectively influence and negotiate with internal and external partners
Ability to recommend mitigating controls for various security gaps
Cloud Security experience - AWS, Azure
Knowledge of NIST framework
Experience or working knowledge with threat modeling methodologies visually representing data and process flows in an enterprise environment.
Beyond base salary, NM offers the following benefits; pension, 401k, PTO, tuition reimbursement, comprehensive medical, dental, and vision, FREE lunch, annual bonus opportunity, and much more!
This job is not covered by the existing Collective Bargaining Agreement.
Grow your career with a best-in-class company that puts our client's interests at the center of all we do. Get started now!
We are an equal opportunity/affirmative action employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender identity or expression, sexual orientation, national origin, disability, age or status as a protected veteran, or any other characteristic protected by law.
FIND YOUR FUTURE
We're excited about the potential people bring to Northwestern Mutual. You can grow your career here while enjoying first-class perks, benefits, and commitment to diversity and inclusion.
Northwestern Mutual has been helping families and businesses achieve financial security for nearly 160 years through a distinctive planning approach that integrates risk management with wealth accumulation, preservation and distribution. With more than $217 billion in assets, $26 billion in revenues and more than $1.5 trillion worth of life insurance protection in force. Northwestern Mutual delivers financial security to more than 4.2 million clients. People are the power behind Northwestern Mutual, and diversity makes us better. We are committed to reflecting and serving the marketplace. We do so by attracting and enhancing the engagement of those who bring their unique perspectives, ideas, and beliefs. At Northwestern Mutual, people matter. And you’ll be working for a company that’s consistently voted among the “most admired” in the nation.