Chevron Corporation is one of the world’s leading integrated energy companies with subsidiaries that conduct business across the globe. The Chevron Energy Technology Company’s Operational Excellence, Process and Controls Group is accepting online applications for the position of Technical Computing Information Risk Management Coordinator, located in Houston, Texas.

The Technical Computing Information Risk Management (IRM) Coordinator will work as part of a team to maintain key IRM processes and tools that facilitate compliance for specific areas which could include Application and System Security, SOX, Data Privacy, Research and Development and Business Unit data security, application and data Inventories, Business Continuity Planning, Data Recovery Planning and Audit Remediation,. The selected candidate would be required to manage the IRM compliance plan/program for various ETC areas, manage the execution of specific IRM projects to address identified opportunities/issues and track/report progress against agreed metrics on an ongoing basis. The IRM Coordinator will be an IRM subject matter expert within ETC and be responsible for building the awareness and capability of our staff to ensure IRM risks are adequately addressed.

Responsibilities for this position may include but are not limited to:

• Leverage Technical Computing, IT and business knowledge to shape and drive ETC’s compliance processes and plans.
• Work with Technical Computing’s leadership and collaborate with IRM Champions and Coordinators across Chevron's Energy Technology Company & Upstream to assess risk and execute consistent processes that will ensure ETC assets comply with IRM Standards.
• Communicate across all levels in the organization in a clear, concise, and understandable manner.
• Work with ETC leadership, trainers and managers to ensure they have access to critical and timely IRM information.
• Coordinate with other Department IRM Coordinators to define and standardize compliance reporting requirements.
• Understand and work with strategic projects to ensure compliance issues are appropriately addressed and standardized processes are applied to new systems.
• Deliver comprehensive training to increase IRM organizational capability across the department.
• Leverage and share best practices across the IRM Function.
• Maintain frequent, proactive, and effective contact with stakeholders.

Required Qualifications:
• Bachelor’s degree in Business or Information Technology
• 5 - 10 years experience as an Information Risk Management Coordinator or Analyst.
• The successful candidate must be highly motivated, enjoy a challenging work environment, and be able to work independently as well as in a technical team environment.
• Applicants must be self-starters, with strong communication skills.
• An understanding of Information Protection and experience in Project Management is important.
• Applicants should demonstrate strong leadership skills and the ability to consistently raise the bar, engage others, and mobilize commitment to produce results.
• Familiarity with IRM including application and system security, data privacy, business continuity planning, data recovery planning and audit remediation.
• Proven track record of independent risk management judgment and able to demonstrate previous experience in formulating and executing plans to address IRM opportunities/issues.
• Demonstrated ability to interact, influence, work collaboratively, build consensus, identify solutions and resolve issues with stakeholders across the enterprise.
• Requires ability to build effective relationships across Chevron.

Preferred Qualifications:
• Certified Information Systems Security Professional (CISSP) certification or other certifications in the Information Security, Governance, and Risk Management domains highly desirable.
• An understanding of basic earth science and reservoir management data and technology is a plus.

Relocation Options:
Relocation will not be considered.

International Considerations:
Expatriate assignments will not be considered.

Please send resumes to ndingwall@enscoplc.com or visit the Corporate website to apply, http://www.enscoplc.com/Careers/GLOBAL-JOBS/default.aspx

Job Summary:

This job is accountable for planning, performing and documenting multiple Internal Audit examinations and special assignments of financial and operational controls and computerized information systems.  Incumbent will provide Mary Kay management with an independent examination of the adequacy of computerized financial and operating policies, procedures and controls. These examinations may identify areas and methods for improvement; and result in recommends to promote efficiency and cost savings.  Additionally, this job is responsible for acting as a resource to the financial audit staff during other audit projects.

Essential Job Duties and Responsibilities

• Plans, performs and documents multiple Internal Audit examinations and special assignments of financial and operational controls and computerized information systems: 
• Evaluates internal accounting and operational policies, procedures and controls related to computerized information systems to identify weaknesses and areas for improvement.  Evaluates significance of identified risks and defines corrective action using a strong set of analytical skills and broad accounting and auditing knowledge.  May design automated tests to be used in confirming the integrity and data content of selected systems.  Develops recommendations to assist management in identifying areas of improvement and recommends corrective measures to enhance operating efficiencies, controls, and reports.
• Works closely with IST to conduct pre-installation reviews of new or purchased computer systems in order to identify data needs versus system capabilities, determine effectiveness and efficiency of systems, and ensure the capture and reporting of information that is relevant to management and effectively contributes to the decision-making process. 
• Performs complex non-computerized operational and financial reviews of international subsidiaries and domestic departments with or without written policies and procedures. Determines whether systems of financial and operating controls are functioning properly and are in compliance with established processes, policies and procedures or best practice to determine if changes, or definition of policies and procedures, are needed.
• Recommends systems or system modifications, policies and procedures to improve methods of safeguarding assets, provide more timely and accurate financial data, improve efficiency, and minimize cost. 
• Prepares concise reports on examinations and findings which details areas examined, areas needing improvement and measures required for corrective action.  Drafts a report and memos for review by management and sends drafts to operation management for their review and comments
• Responsible for developing specific audit program steps, audit work plan, and specific audit tests for departments or areas with no prior audit lead files, workpapers, audit programs or history files. May provide suggestions for areas to be included in the Internal Audit departments annual audit schedule.
• Participates in meetings with all levels of management to provide information regarding the implementation of accounting or operational controls to safeguard the integrity of computerized systems.
• Assists Internal Audit management in the training of department Audit Assistants to utilize automated systems to generate audit reports or perform other work assignments as appropriate.
• Assists external auditors on interim and annual basis to assure complete, accurate records and adequate internal controls in compliance with financial reporting requirements.
• Performs internal audit activities as requested by the department management.

Education and/or Experience

• Bachelor’s degree or equivalent in Computer Science, Accounting or Business Administration with emphasis in business systems development. 
• Must have a strong comprehensive working knowledge of Generally Accepted Accounting Principles, Generally Accepted Auditing Standards and Standards for Information Systems Auditing. 
• A Master’s degree and current Certified Public Accounting (CPA) license preferred.
• 5-7 years of auditing and/or information systems auditing experience.

Skills/Specialized Knowledge

• Requires a working knowledge of client server operating systems and architecture. Must also have knowledge of a programming language and the ability to perform data analysis.
• Ability to perform audits of computerized systems including knowledge of programming and systems design.  This experience is needed to perform pre- and post-installment reviews of new or purchased computerized systems, to evaluate system weaknesses, to recommend modifications
• Knowledge of computerized systems will also be used to develop automated tests to confirm the integrity and data content of systems during audits. Must be able to design and implement tests for use in auditing computerized systems in order to confirm the completeness of computerized controls and the integrity of data content during information systems audits.
• Must have excellent written and oral communication skills to effectively secure information from IST, domestic and international management and other departments during audits of computerized systems.  Must be able to organize and succinctly explain deficiencies, risks, and recommendations to senior management in understandable and non-technical language.
• Must have knowledge of various word processing, spreadsheet and flowcharting software packages in order to prepare audit reports and presentations for management.  Must possess a functional knowledge of terminology, equipment, programming concepts in order to review and evaluate system based accounting systems.
• Ability to utilize courtesy and with tact in interaction with department staff in the exchange of information while providing instruction and guidance in computerized audit methodologies and techniques.
• Must be willing and able to travel and examine international subsidiaries where new or revised computer information systems have been installed.  Must be able to assist in audits of international subsidiaries including both operational and financial reviews. Travel should not exceed 25% although individual trips may be of several weeks duration
• Must be able to work within established time constraints and produce a quality product. 
• Must have excellent time management and interpersonal skills to effectively secure information.
• Must be customer service oriented to promote the Internal Audit image as serving departments versus “fault finding” and effectively convey identified weaknesses and recommendations.
• Foreign language skills and CISA/CIA certifications beneficial.

For More Informaiton or to Apply for this Position, please e-mail crystal.nuchkasem@mkcorp.com

Information Security Analyst

Houston Independent School District (Houston, TX)

Position:  Information Security Analyst

Employer:  Houston Independent School District

Base Pay :  $66,000 - $88,000 /Year

Employee Type :  Full-Time

Industry :  Education - Teaching - Administration

Manages Others :  No

Job Type :  Information Technology

Education : 4 Year Degree

Experience : At least 7 year(s)

Travel :  Negligible

Relocation Covered :  No

Contact Information

Contact : Shellie Zielinski-Doran

Phone : 713-556-6200

Ref ID : 102201

 Description

As part of the IT Security organization within the Houston Independent School district (HISD), you will have the opportunity to make a leading contribution to the educational effectiveness and business productivity for the seventh largest school district in the United States. HISD is broadly recognized for its innovative approach to educating children through leading initiatives such as the respected Teacher * Pay for Performance * and Alternative School Programs. 

 The role of the information security analyst is to contribute to the implementation and operation of a variety of security solutions to actively protect the district’s computing assets and help identify and mitigate security threats. The successful candidate will be responsible for the implementation and operation of network and host based security controls, actively participate in the prevention, identification and containment of security threats and ensure compliance with any applicable federal and state compliance requirements.

 Responsibilities

• Assist with the monitoring of various systems such as network intrusion prevention systems, network inspection / DLP devices, endpoint security solutions (AV, Encryption, HIPS, etc) and participate in the incident management process.
• Coordinate the implementation of operating system, application and network devices patches and updates. Provides management with regular reports to ensure software updates are maintained in multiple infrastructure components.
• Provide proactive monitoring of multiple security controls and investigate, analyze, remediate and report on security events and incidents

• Participate on the security event management lifecycle, including but not limited to leveraging SIEM tools for proactive incident detection, analysis of alerts from multiple host and network systems and ensuring incident response processes are executed in response to security events.
• Actively participate in the computer security incident response team (CSIRT). Responsible for coordinating incident remediation of threats (malware, spyware, etc) across all network endpoints.
• Conducts security training and develops awareness programs and materials for both technical and non-technical computer users.

• Reviews and identifies areas where existing policies and procedures require change, and steers and/or participates with teams creating, modifying, and maintaining policies, standards, and guidelines as they relate to information security.

 Requirements

• Bachelor’s Degree.
• 7 years professional experience in the IT field.
• Hands-on experience with implementation and/or operation of one or more security technologies such as firewalls, intrusion detection and prevention systems, anti-virus, content filtering, and identity management solutions
• Basic knowledge of application and operating system hardening, vulnerability assessments and risk management lifecycle.
• Hands on experience managing and troubleshooting network perimeter security technologies such as firewalls, proxy servers, intrusion prevention/detection (IDS/IPS), antivirus and antimalware.
• Experience deploying, managing and monitoring endpoint security controls and encryption technology
• Extensive knowledge of Microsoft operating systems (server and workstation)
• Understanding of security concepts and services such as log review, incident response, two-factor authentication, identity and access management, AD group policy, least privilege, etc.
• CISSP (Certified Information Systems Security Professional) preferred.
• Must have excellent verbal, written, and presentation communication skills, strong interpersonal skills and the ability to work effectively across project teams.

Internal Audit Senior

Woodforest National Bank (The Woodlands, TX)

• Demonstrate excellent communication skills, both written and verbal
• Demonstrate excellent organizational skills with the ability to prioritize workload and multi-task in a fast pace environment while maintaining attention to detail
• Assist in the preliminary survey of operations, functions or activities and gather information on key business risks
• Assist in planning the scope of assigned audits including audit procedures
• Evaluate the adequacy of the controls designed to manage risks
• Discuss strengths and opportunities for improvement with management and develop recommendations for improvement
• Use standard audit techniques to obtain, analyze and appraise data, transactions and records as a basis for providing an objective opinion on the performance of the business activity and effectiveness of key risk management activities
• Prepare organized, accurate and competent work papers ensuring that documentation supports the conclusions regarding audit objectives
• Prepare the draft report, obtain action plans on audit issues and engage in dialogue with management as needed
• Follow up with management regarding outstanding audit issues until resolved
• Assist in presentation of audit reports and related issues to the Audit Committee
• Contribute to the development of the annual risk assessment and audit plan
• Assists with independent auditors during the annual external audit
• Apply advanced analytical skills and knowledge of current auditing developments and standards to formulate appropriate solutions
• Develop relationships within the Bank and provide exceptional internal customer service
• Maintain a high level of company and customer confidentiality
• Follow established procedures and timelines in order to meet deadlines
• Knowledge of banking services and products, and bank policies and procedures
• Provide teamwork and support, if needed, to other areas regardless of responsibility

All other duties as assigned

Education   

Bachelor’s degree required, Accounting or Finance field preferred 

Professional certification (i.e. CPA, CIA, CISA, CFSA, CFE, CRCM, etc.) or working towards preferred

Experience       

3 years internal audit experience or 3 years bank compliance experience required 

Current bank regulatory compliance experience preferred 

Direct financial services experience preferred  

Prior experience in a Risk management, Compliance, Financial Analysis or Bank Examiner role preferred 

Strong technical skills including the use of current database and report writing tools preferred

Woodforest is an Equal Opportunity Male / Female / Disabled / Veteran and Affirmative Action Employer

For information and to apply  use link below,

https://woodforest.taleo.net/careersection/2/jobdetail.ftl?job=116881&lang=en&sns_id=mailto#.TygVMGSk2t8.mailto

Senior IT Assurance Analyst

BMC Software, Inc. ((Houston, TX)

Position Summary

BMC Software, Inc.

Sr IT Assurance Analyst - USA

Position Description

The Sr IT Assurance Analyst contributes to Assurance activities through exemplary performance practices and sharing of subject matter expertise.  Responsibilities include: - Partner with technology control owners to foster control adequacy and efficiency - Participate in company and departmental engagements to include risk and controls assessments, processing efficiencies, stakeholder involvement and issue escalation - SOX and Audit testing and reporting to include application of approved test approaches, workpaper documentation, clearing of review notes, and conclusion evaluation - Status reporting - Team meeting attendance - Committee participation

Position Requirements

-BS in MIS, Computer Science, or related technical field -5-7 years in internal or external audit or business consulting in the IT area -Proficiency with MS Office, Analytical tools, SQL, Oracle Financials, BO, Hyperion (Essbase, Planning) -Business acumen and basic risk evaluation & quantification at the business process level -Solid understanding of process flows, narratives, policies and procedures -Project Management with a solid ability to prioritize competing deliverables and routine tasks -Solid verbal and written communication skills -Ability to oversee and drive team activities to the successful achievement of engagement objectives -Solid presentation skills -Ability to travel up to 25% -Professional Certification CIA, CISA, ITIL, PMP, LSS, or equivalent a plus BMC is an Equal Opportunity Affirmative Action Employer.

Position Attributes

Experience with Oracle Financials application controls and Oracle PL/SQL highly desired for this position.

How to Apply

To apply directly to this position, please click here or go to www.bmc.com/careers and search job ID 13810.

Job Description

The Director/Senior Internal IT Auditor’s main function for this publicly traded business is to conduct internal IT audit reviews of varying complexity and scope on all operations of the organization—including financial, operational, compliance, and strategy-focused audits—with the objective of testing the effectiveness of controls and identifying process improvements.  Function will include efforts required for verifying compliance with Sarbanes-Oxley 404, and it will also include coordination of our efforts with outside IT auditors.

SUMMARY

Tasks include, but are not limited to, preparation of annual audit plans, development  and execution of audit programs, analysis and reporting of observations, including recommendations for improving the IT control environment, data integrity and operations.

ESSENTIAL DUTIES AND RESPONSIBILITIES include the following.  

• Conduct reviews of data centers, extranets, telecommunications, and intranets to assess controls and ensure availability, accuracy, and security under all conditions.
• Coordinate with IT department and external auditors during SOX IT testing.
• Identify and evaluate risks during review and analysis of System Development Life Cycle (SDLC), including design, testing/QA. And implementation of systems and upgrades.
• Determine compliance with policies, regulations and laws.
• Assess the effectiveness of management controls.
• Work on other audit projects or duties as required.

SYSTEMS INVOLVED:

• Aline
• Active Directory
• SQL
• TripWire
• Doc Link
• Adobe Writer
• Great Plains
• Windows XP Operating Systems
• Microsoft Access
• Microsoft Office (Excel, Word, PowerPoint, Visio)

SUPERVISORY RESPONSIBILITIES:

None.

Requirements

• Proficient in MS Office Suite, emphasizing excellent data analysis skills.
• To perform system development and legacy systems reviews to ensure business and IT objectives are met.
• Evening and weekend work may be required. 

QUALIFICATIONS

To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.

• Extensive background in all stages of audits, including planning; study, evaluation, and testing of controls; reporting; and follow-up.
• Proven track record of assessing system/network availability, security, and data integrity to identify, manage, and reduce risks and ensure general compliance.
• Acute understanding of networking, hardware, software, and data centers.
• In-depth knowledge of Sarbanes-Oxley Act (SOX) and business processes.
• Ability to effectively interact with other employees on a regular basis.
• Ability to effectively handle multiple priorities in a fast paced environment.
• Ability to work independently with minimum supervision.
• Ability to travel domestically and internationally, approximately 10 to 15%.

EDUCATION, CERTIFICATIONS and/or EXPERIENCE

• BS in IT or related degree preferred.
• Minimum of 6 to 8 years of audit experience required. IT Audit experience preferred.
• CISA required.  CPA, CIA or other related designations helpful.

 LANGUAGE SKILLS

• Must have excellent communication skills, both written and oral.

Please visit the following link to apply through our corporate website http://www.cardtronics.com/careers/job-postings.asp

Contineo is a Professional Services Corporation specializing in compliance auditing, consulting, information technology and managed services. Although our primary service markets are financial institutions and health care organizations, we provide solutions to companies in various industries throughout the U.S., including manufacturing, legal, high-tech and real estate. Our strategy focuses on emerging solutions for complex business and compliance issues, allowing us to develop and simplify the processes that enable our clients to succeed in their marketplace. Established in 2000, Contineo is headquartered in Spokane, Washington, has a field office in Fort Worth, Texas, and works with clients in over 20 states.

POSITION: IT Consultant/Auditor

The Consultant/Auditor is a key person in the relationship between the Contineo audit and consulting team and our clients. The qualified candidate is an audit and/or IT professional with financial institution and/or healthcare industry knowledge and who possesses a combination of consulting, audit, risk analysis, and project planning experience. Strong communication and documentation skills will be required to successfully perform in this rewarding position. This position reports to the Vice President.

Specific duties include:

• Conduct audits and compliance assurance tests (including but not limited to ACH, IT, Information Security, SOX 404 and SAS No. 70)
• Provide risk analysis and recommend risk mitigation strategies to senior management of client organizations
• Prepare and present audit reports to senior managers and directors of client organizations
• Conduct vulnerability assessments for networks, systems, and applications
• Review information security reports and event logs as part of forensic analysis in the event of an attack on client systems
• Develop strategic and tactical plans aligning with client requirements for information security, disaster recovery and business continuity, compliance, new product delivery, strategic growth, and operational efficiency
• Provide general administrative, sales and client support assistance, as required

Education Required

Bachelor’s degree from a four year college/university (Finance, Accounting, Computer Science, MIS, Technology Management or a related field), or equivalent work experience

Skills / Experience /Requirements:

• Minimum 2 years audit, or 3 years IT consulting, experience required
• Minimum 2 years financial industry (bank/credit union) experience preferred
• Strategic and tactical information security and IT planning skills, including solution development and vendor evaluation/selection
• Understanding of and experience with federal regulations such as NACHA Operating Rules, GLBA, Sarbanes-Oxley, and HIPAA
• Must possess excellent verbal and written communications skills
• Conceptual knowledge of TCP/IP networking, firewall, intrusion detection system (IDS), virtual private networking (VPN), and virus protection technologies
• General knowledge of LAN/WAN internetworking technology, including network protocols and operating systems
• Knowledge of Vulnerability Assessment and Penetration Testing tools is a plus
• CISA, CISM or CISSP credentials; or able and willing to obtain certification within 18 months of hire
• Must be positive, team-oriented, self-directed and self-motivated
• Travel: 50-60% required

Benefits:
• Medical, dental, life and disability insurance
• Simple IRA program
• Paid time off and holidays

Job Location: Fort Worth, Texas

Salary: DOE

Anticipated Start Date: Immediate Opening

Contact: Chris Wetzel, Vice President
cwetzel@contineotech.com

One of the largest oilfield services companies, Weatherford operates in more than 100 countries and employs more than 50,000 people worldwide. With a product and service portfolio that spans the life cycle of a well— drilling, evaluation, completion, production and intervention— and a robust research and development effort , we are well positioned to meet the ever-evolving needs of the oil and gas industry. 

Responsibilities include:

• Conducting/managing audits of information systems and technical infrastructures, processes, data centers and computer operations and special projects, as assigned.
• Consulting in system development projects and other critical IT initiatives and partner with IT and Business management.
• Managing teams of auditors in the on various projects including SOX testing, fraud investigations, operational audits, recommending controls to ensure system reliability and data integrity, as well as special projects as requested.
• Review audit files and audit reports to ensure department standards are met as well as the International Standards for the Practice of Internal Audit.
• Lead, Arrange and Organize Opening/Closing conferences in the field with Local Controllers and their team.
• Write audit programs and procedures as required and/or adjust existing processes when needed.
• Establish and maintain excellent collaborative relationships with all levels of management and within the IA Dept.
• Prepare audit/project budgets including time and expenses prior to the commencement of fieldwork.
• Works independently with specific guidance on complex issues from Sr. Managers.
• Possess a genuine interest and understanding of both departmental and company's goals and objectives.
• Responsible for the development and mentoring of Senior and Staff. This includes assisting with setting of goals and objectives, recommending training, participating in and suggesting corrective action as necessary, and completing evaluations on each project.
• Maintains a fiduciary responsibility for all company assets and resources within their control.
• Firm understanding of information system/technology concepts and principles as well as their application, including complex scenarios.
• A general understanding of accounting concepts and principles and their application.
• Adheres to the highest levels of integrity, objectivity, confidentiality and maintains and demonstrates competency.
• Excellent communication skills, both written and verbal.

Supervision:

• Receives supervision from Senior Managers.
• Provides supervision to Senior and Staff Auditors.

Education and Special Skills:

• Bachelor's degree in Accounting Information Systems, Management Information Systems, Computer Science or other related field is required.
• Professional certification or advanced degree required (CISA, CISSP, etc...).
• Microsoft Office proficient required.
• Oilfield experience a plus.
• JDE, SAP, Hyperion experience a plus.
• Up to 35% Travel
• Flexibility, adaptability and internal drive required.

Experience:

Five or more years of experience in Information Systems Auditing or other related experience is required.  Some audit preferred.

Prior management/supervisory experience required.

APPLY AT: https://weatherford.taleo.net/careersection/cs1001/jobdetail.ftl?lang=en&job=408681

One of the largest oilfield services companies, Weatherford operates in more than 100 countries and employs more than 50,000 people worldwide. With a product and service portfolio that spans the life cycle of a well— drilling, evaluation, completion, production and intervention— and a robust research and development effort , we are well positioned to meet the ever-evolving needs of the oil and gas industry.   

BASIC FUNCTION:

This role will focus on Information Technology processes and environments as well as business processes such as payroll and accounts payable. The Senior Auditor will be expected to perform testing and manage aspects of the engagements for General Computer, application and business process controls for both the Company and field locations. The Senior Auditor will be responsible for conducting audits related to the IS environments and processes, SOX 404, and risk assessments. In addition, this position will require the auditor to be able to formulate audit approaches to test areas assigned to review as well as potential solutions for remediation.

Under minimal supervision, performs audits that are moderately difficult and broad in nature, with some latitude for unreviewed action.  Assist Internal Audit Managers with the execution of the annual internal audit plan.  Executes financial, operational, IT and compliance audit programs.  Interacts with local personnel to identify process risks and controls.

DUTIES & RESPONSIBILITIES:

• Responsibilities and essential job functions include, but are not limited to the following:
• Maintains effective communications with the Internal Audit Manager
• Completing audit programs
• Assist in formulating audit reports for management
• Developing and mentoring other staff auditors
• Complete audit files requiring only minimal corrections
• Prepares and submits reports on the results of audits, recommending improvements in policies and procedure.
• Researches technical issues.
• May instruct or assign work to lower level auditors and other employees engaged in internal audit activities.
• May require up to 50% travel both domestic and international.
• Ability to participate with responsibility and maturity in a team environment and contribute to team audit goals.
• Know and understand Weatherford Quality Policy and comply with all requirements of the
• Quality Systems Manual, Operating and Technical Procedures and Workplace Instructions.

REQUIREMENTS:

• A Bachelor's Degree in Accounting or Finance is required.
• 3+ years of experience in Accounting, Finance or Audit is required.
• 1 Year or more experience with Internal or External Audit, including Sarbanes Oxley experience.
• Ability to travel approximately 50% within the US and internationally is required.
• CISA, CIA, CPA or similar certification is preferred but not required.

ABILITY TO:

• Communicate with all levels of management.
• Embrace change.
• Solve problems and make decisions.
• Review and appraise the effectiveness of operating and financial processes.
• Build consensus.       

SKILLS & KNOWLEDGE

• Proficiency in Microsoft Office, internet, web-based and job specific software applications.
• Working knowledge of GAAP, and audit procedures
• Read and interpret documents and write routine correspondence.
• Gathers and analyzes information skillfully.

About HP Technology Services, Enterprise Consulting

HP Consulting is a global business integrator delivering solutions with power, speed, passion, and precision.  Through a team of 6,000 exceptionally talented Consultants and Project Managers in 110 countries, we offer global technology solutions to multi-national, multi-site enterprise businesses in industries as diverse as financial services, manufacturing, telecom, automotive, networking, IT, CRM and e-commerce.  Our work---your work---helps clients realign their IT strategies and maximize technology's ability to create or capitalize on business opportunities.  

About the role

In this entirely customer-facing role, you will help customers define and implement complex integrated solutions that optimize their technology to secure, support, and grow their business.  You'll be making significant contributions to the overall success of projects, whether the optimum solutions involve people, processes, or technology.

Delivering tremendous differentiated and perceived value to customers, you'll ensure that HP provides them with the best overall service experience in the industry…not only ensuring that projects run to plan, but also identifying opportunities to provide even greater value through expanded engagements or new consulting opportunities.

This will involve working exceptionally closely with customers, sharing knowledge, leveraging HP's experience and technology, and driving the creation of structured intellectual capital. 

Role Description:

Maintain a state of recovery readiness by ensuring that IT BC / DR plans are updated.  Plan and oversee periodic testing of plans, document the results, and create programs and tasks to update and/or refine plans based on lessons learned. Serve as the Incident Response Manager for the IT organization, holding ownership of the CSIRT plan, testing, and incident response.

Services include developing vision, scope, policy, principles and standards to guide the BCM program.

CERTIFICATIONS, LOCATIONS, & TRAVEL

Mandatory requirement:  A BCBP certification + one of these certifications:  CISSP, CRISC, or CISM.  Additional IT security certifications desirable.

Position is located in Houston TX.  Services associated with the initial engagement will be provided daily at the customer's site in Houston.

Heavy travel likely, up to 75%.  While initial / primary engagement is not likely to require travel beyond 25% for Houston-based residents, the person in this role must be available for other / additional engagements which could require travel to 75%.

EXPERIENCE & EDUCATION

8+ years of professional experience and a Bachelor’s degree in Computer Science or related area of study

Without a degree, three additional years of relevant professional experience (11+ years in total).

· Demonstrated in-depth experience and understanding of Business Continuity Management

· Ability to lead Incident Response program with demonstrated ability in Response, Recovery and Restoration planning and execution in crisis situations

· Has sufficient depth and breadth of technical knowledge to design and scope multiple deliverables across a number of technologies.

· Has demonstrated innovation and communication of new deliverables and offerings.

· Has led team in the delivery of multiple deliverables across multiple technologies.

· Ability to develop solutions that enhance the availability, performance, maintainability and agility of a particular customer's enterprise.

· Has contributed to the design and application of new tools.

· Ability to re-use existing experience to develop new solutions to take to market.

· Able to communicate with internal and external senior management confidently and demonstrate the professionalism of the job family.

· Ability to adapt a consulting style appropriate to the situation and can identify up-sell opportunities.

· Be able to demonstrate a broad understanding of market dynamics, an industry area, commercial issues, and technical concerns while maintaining depth in core focus area.

· Ability to present within own area of expertise as part of a customer sales presentation, putting forward domain-specific information within the context of an HP sales campaign.

· Has demonstrated ability to lead others in the gathering of requirements, designs, plans and estimates.

· Able to produce complete proposals for smaller engagements within own area of expertise.

· Demonstrates broad knowledge in other technical areas in order to properly manage complex integration efforts.

· Demonstrates application of technical expertise in successful engagements involving multiple disciplines.

· Able to independently complete solution implementation or application design deliverables.

· Able to manage a team of consultants in the completion of one or more solution requirements, architecture, or implementation deliverable.

Under the general supervision of a Manager, assists in the audits of various departments and entities to determine adherence to established plans, policies, procedures and good business practices.

DEPARTMENT:  IT/Technical Services

EMPLOYEE TYPE: Full-time Employee

JOB DESCRIPTION

A: Purpose and Scope

Security Administrator is responsible for developing and supporting corporate Information security strategies. 

Develop and publish Information Security policies, procedures, standards and guidelines based on best practices, industry standards, and guidelines.  Develop security training material, Web content, alert and awareness notification and conduct training sessions for the organization. 

Coordinate and execute IT security related projects across departments. 

Coordinates with manager and supervisor activities of employees engaged in supporting the organization’s applications and data as it relates to security.  Liaison between Information Technology and both internal/external auditing to track controls, coordinate audit request and responses.

Security Administrator must also be well rounded understanding and experience with a wide range of security products, operating systems and all aspects of networking.

B. Responsibilities

• Maintaining IT controls for SOX
• Security Analysis
• Development policies and procedures
• Development Web content and training material
• Security architecture and models
• Problem management and resolution
• Written and oral communications
• After-hour and weekend availability
• Work without supervision
• Light travel

C. Organization Relationships:   Reports to Technical Services Director

JOB REQUIREMENTS

A. Education and Training

Bachelor Degree in Computer Science/Information Technology/ related field is required.

 CISSP/CISA certification preferred.

B. Technical Requirements

• Microsoft Active Directory
• HP Unix and Radhat Linux
• Cisco – Switches, Routers, Firewall, Ethernet and TCP/IP environment with Internet access
• Microsoft SQL and Oracle application/database
• Security application integration
• Problems resolution, including ownership through resolution
• Coordinates hardware, software and patch updates from vendors
• Assists other Systems Administrators and Service Desk staff as required

C. Experience:    Minimum seven (7) years security experience

Exposure to following:

• Windows 2000/2003/2008 Server
• Oracle 9i/10g, Oracle11i/11g, SQL
• Unix and Linux
• Cisco
• IPS/IDS
• Symantec Bindview/Control Compliance Suite
• Windows XP/7 Workstation
• Hosted/SaaS/Cloud Computing
• SAS 70 type I and II
• SSAE No. 16
• Server administration tools
• Security administration tools
• MS Office

For more information and to apply for this position, visit:

https://www8.ultirecruit.com/PLA1005/JobBoard/JobDetails.aspx?__ID=*20638524C06054C9

IT Auditor

KFORCE Technology (Houston, Texas)

This is a mid-level IT AUDIT role for a major oilfield services organization here in Houston, TX. This is a fulltime opportunity for someone with 2-4 years experience particularly around IT controls in the areas of change management, computer operations and security controls. This is a unique opportunity for someone relatively early in his or her audit career to join a global organization and work in many different areas of audit. Formal job description below. If you feel you are a fit for this role in terms of years experience and expertise,

JOB DESCRIPTION

Responsible for auditing moderately complex information systems and applications to ensure that appropriate controls exist, and that processing is efficient and accurate. May provide advice and direction to trainees. Reports to Supervisor or Manager – Information Systems Audit. Requires an undergraduate degree from an accredited college or university (where applicable). Typically has 2-4 years of significant experience working as an IT Auditor.

Knowledge of general IT controls in the areas of change management, computer operations and security controls
Knowledge of software development life cycle and IT project management
Technical skills relating to various infrastructures, operating systems and databases
Strong analytical, oral and written communication skills
Ability to work in a team environment and with various levels of management
Willingness to travel
CISA, CIA, or other security certification a plus.

Please reply to Emily Besser (ebesser@kforce.com ) with your updated resume. 

Protegrity is one of the worlds most recognized and trusted solutions provider for data security, encryption and tokenization. As the innovation leader in the data security space, with a powerful set of customers on the Fortune 1000 world-wide list. If you want to be part of a high growth, innovative, yet established in the marketplace software company, where you can have an immediate impact – then Protegrity is the company for you. Protegrity’s mission is to protect the most valuable assets that a company has: its data – from acquisition to deletion.  The Protegrity Data Security Platform continuously safeguards sensitive information throughout its lifecycle with patented database, file, and application encryption as well as integrated data security key management and high performing tokenization of sensitive data. Protegrity provides competitive compensation and a stock option program to reward success!

Position Mission:

Provide sales results combining sales skill and technical and business knowledge support to Protegrity’s business plan.

Position Summary:

Due to expansion of our offerings, Protegrity is seeking a highly seasoned sales person to support our business. We are seeking “A” players who have extensive experience in selling into complex accounts in all major industries such as retail, healthcare, finance, manufacturing and transportation. The ability to prospect and initiate deals independently is a must. The Account Executive will be backed up by a strong technical and marketing team focused on protecting sensitive data across the client organization. Key success factors include the ability to:

• Engage and present at various levels of the IT Operations and IT Security organizations
• Penetrate an account and effectively communicate the Protegrity value proposition
• Follow up to ensure sufficient momentum within the account to ensure a sale
• Use available resources to connect with DBAs, Sys Admins, Developers, IT Security professionals and their managers and directors
• Master appropriate technical aspects of the Protegrity solution including encryption, role based access control, and tokenization and data security technology.
• Engage and network within the client organization and Protegrity and its partners to deliver a solution
• Work with SalesForce and other systems for sales process and management.
• Prospect within organizations and follow up on leads, lists and demand generation activities.

This position works with prospects to understand the prospect’s systems, their business issues, data flow and unique problems. The chosen candidate must be able to gain the customer’s confidence to such a degree that the prospects see Protegrity as the solution to their data security requirements.

Key Responsibilities:

As part of the sales team, you must be able to go create the opportunity to present the Protegrity offering from a technical and business point of view. Success is measured in closed deals and implementations that occur as planned during the sales cycle. This may take a series of meetings – in person or remote - and requires: excellent listening skills, ability to gather requirements, translating requirements into the right solution, excellent writing skills, addressing competitive alternatives, and the ability to create the need and relationships to ensure success.

Example of duties:

• Understand and present the Protegrity Value Proposition to a variety of customer, prospect, partner and internal contacts.
• Prospect and follow up on leads and contacts from marketing activities and events.
• Ability to leverage key programs, relationships, technology and personnel to move sales to closure.
• Interact with a diverse group of people in order to gather knowledge from a variety of sources to assist with winning the deal.
• Help identify and communicate the match between requirements with the best Protegrity solution.
• Manage RFI & RFPs and the sales process.
• Manage new and existing account relationships.
• Documenting and updating SalesForce as required.
• Travel as required (up to 50%).
• Other duties as may be appropriate and applicable.

 Required Qualifications:

• At least 5 years of documented sales experience in a complex sales environment
• Exceptionally strong presenter and persuader
• Strong problem solving and analytical skills
• Well-developed interpersonal skills with an ability to get along with diverse personalities
• Strong business acumen
• Understanding of the role of technology in solving business issues and improving ROI
• Excellent ability to guide team to adopt and present correct solution
• 4 Year degree from accredited academic institution
• Travel (approximately 25% to 50%)

Advantages:

• Previous selling or inside/presales experience of security solutions
• Previous selling or inside/presales experience of database solutions
• Previous software sales experience
• Experience with PCI, HIPPA, Sarbanes-Oxley and/or California 1386.

Locations:

Various locations in Texas and other areas in North America and Europe

IT Auditor

CALPINE CORPORATION  (Houston, Texas)

Internal Audit provides a tremendous opportunity for team members to understand how Calpine works both operationally and financially. The scope of our efforts spans across all aspects of Calpine’s business, from governance and financial management through business operations and customer interaction. IT Auditors can expect to participate on projects that cover a wide range of topics, in areas significant to Company objectives, while interacting with all levels of management. We work closely with the business owners using our expertise to support Calpine in matters related to governance, risk management, and control.

For More Informaton and To Apply,  visit     https://www.hrapply.com/calpine/AppJobView.jsp?link=4069

Principal Duties and Responsibilities:

• Communicate clearly, concisely, and accurately using oral and written communications with all levels of management.

• Conduct audits on controls, processes and IT processes utilizing a risk-based approach which you help create for each    review

• Develop audit programs using a risk-based approach for specific assignments

• Support Calpine in assessing its design of internal control systems and processes including meeting with management to make the recommendation

• Provide management with an independent assessment regarding control effectiveness and appropriate coverage of risks facing the organization

• Support the Company’s Sarbanes Oxley 404 initiatives, including the testing of the effectiveness of certain internal controls and making recommendations to change the way we test for compliance.

• Maintain current knowledge of matters impacting IT, the energy industry, audit and the Company.

• Implement and support a continuous auditing/monitoring function.

• Build and maintain effective client relationships.

• Ability to draw appropriate conclusions from data presented and analyzed.

• Demonstrated functional knowledge and technical skills.

Qualifications:

• 4-year degree in computer science, management information systems, or other applicable field.

• 2 or more years of relevant IT and audit work experience.

• Minimum of 2 years IT Audit work experience.

• Varied IT experience including areas such as Windows, client/server, web-based systems, wireless systems, application development, interfaces, databases, security, project management, etc.

• Ability to develop and incorporate new technologies in the audit process.

• Ability to apply auditing protocols.

• Ability to create audit programs specific to the review.

Preferred:

• Certification such as Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA) or Certified Information Systems Security Professional (CISSP).

• Audit Command Language (ACL) knowledge.

• SQL/Oracle Database knowledge.

• Be proficient in the ability to utilize PeopleSoft and other systems to extract and analyze information.

For More Informaton and To Apply,  visit     https://www.hrapply.com/calpine/AppJobView.jsp?link=4069

Calpine is an Equal Opportunity/Affirmative Action Employer

Systems and Process Assurance Professionals - Experienced Associate, Senior Associate, and Manager

PWC (Houston, Dallas, Austin, Texas, Little Rock, Arkansas )

Contact Joshua Rotko at Joshua.Rotko@us.pwc.com

Systems & Process Assurance Experienced Associate

Contact Joshua Rotko at Joshua.Rotko@us.pwc.com

Systems & Process Assurance Senior Associate

Contact Joshua Rotko at Joshua.Rotko@us.pwc.com

Systems & Process Assurance Manager

Senior IT Auditor

KBR Company (Houston, Texas)

When you become part of the KBR team, your opportunities are endless. As a leading global engineering, construction, and services company, we support the energy, hydrocarbons, government services, and civil infrastructure sectors on six continents. Serving our customers through ten diverse business segments, we offer challenging assignments on some of the world's largest and most complex projects where our clients have come to value us, because they know We Deliver.

With more than 50,000 employees around the world, we deliver top-quality service and performance in engineering, construction, operations and maintenance, logistics and project management services to clients who entrust us with their most vital projects.

Join us and you'll be part of a dynamic, elite team of professionals who understand what it takes to get a job done and has the experience, knowledge, and determination to succeed.

Position Description:

KBR is searching for a Senior IT Auditor to join the Audit Services Group. As the Senior IT Auditor you will perform audits of complex information systems and applications of the Company and its subsidiaries, including its external business partners. Functional job responsibilities will include but are not limited to:

• Understand complex business processes and information technology processes
• Ability to identify key risks for the IT audits, develop the IT audit program and execute the IT audit program
• Ability to extract and analyze data from financial and non-financial systems
• Demonstrated ability to develop, participate and sustain continuous audit / monitoring program
• Communicate effectively the audit findings to the audit manager and IT management
• Ability to multi-task effectively and prioritize tasks
• Ability to provide guidance to staff, train staff and supervise staff, if necessary
• Act as a liaison between the audit manager / supervisor
• Demonstrated ability to write report areas and to participate in audit presentations
• Build and nurture positive working relationships with the team and clients

Responsibilities:

• Interacts with process owners and control owners in areas under review, conveying the department's    guiding principles of integrity, objectivity, innovation, excellence and teamwork
• Develops audit programs designed to evaluate reliability of financial information, effectiveness of internal controls, efficiency of operations and compliance with established policies and procedures
• Documents business processes, identifying key controls and identifying process improvement opportunities
• Performs audit fieldwork
• Monitors compliance with established policies, procedures and sound business practices
• Promotes implementation of best practices to strengthen internal controls
• Prepares, assembles and organizes work papers documenting audit procedures performed
• Communicates status and findings to supervisor throughout course of audit
• Drafts audit reports, detailing audit procedures performed and findings (including strengths and weaknesses)
• Assists with preparation of control reports, status reports, scorecards and presentations
• Finalizes audit reports, incorporating management responses
• Complies with departmental policies and procedures
• Assists with special projects, as needed

Requirements:

•Undergraduate degree preferably in the area of information technology and computer science
• 4-6 years of progressive experience in IT Audits
• Certification: CIA or CISA (preferably)
• Experience in performing audits of the following areas: Oracle Financials, SAP, Oracle database, Windows based architecture, UNIX, Hyperion etc
• Experience in reviewing system implementation e.g. ERP applications and auditing project management office function
• Experience in using Microsoft Access and writing SQL queries
• Experience in use of data analysis tool like ACL, IDEA to extract data and analyze data

Benefits:

KBR offers a selection of competitive lifestyle benefits which could include a 401K plan with company match, medical, dental, vision, life insurance, AD&D, flexible spending account, disability, paid time off, or flexible work schedule. We support career advancement through professional training and development.

How to Apply:

If you are interested and meet these qualifications, please contact Melody Smith, Sr. Corporate Recruiter, at melody.smith@kbr.com and apply online at www.kbrjobs.com under requisition number 46730.

IS Auditor 

American National Insurance Company (League City, Texas)

Chartered in 1905, American National Insurance Company has evolved into an industry leader, ranking among the largest of life insurance companies in the United States. Directly and through subsidiaries, the company offers a broad line of insurance products and services, including life insurance, annuities, health insurance, property and casualty, credit insurance, and pension plan services.

For over 100 years, American National Insurance Company has been a leader and innovator in the insurance industry and is one of the most respected and financially sound insurers in the United States. If you are seeking a position with a stable yet growing company and endless opportunity for career progression, American National is the place to be.

American National’s Internal Audit team located within our attractive professional office complex in South Shore Harbour, is currently seeking a career oriented individual who desires a comfortable work life balance, for the position of: IS Auditor.  This opportunity requires less than 20 days of out-of-town travel per year, a flexible work week and only minimal overtime.

Essential Functions and Duties:

This position will be responsible for auditing the various operations of American National, its affiliates, investments and other ventures.

Minimum Requirements:

• Candidates must have a Bachelors degree (or higher) in a business-oriented major or in an Information Systems oriented major.

• CISA certification (a plus) and a minimum of 2 years of recent auditing/information systems experience ( Big 4 a plus) is required

• Knowledge and experience should include general and conceptual knowledge of information systems auditing.

• Proficient with PC applications including the Microsoft Office suite.

• Must be cognizant of internal controls and confidently question the validity of data .

• Must possess the ability to relate to and interact with various personalities at all levels and possess strong oral and written communication skills.

• Must project a professional image.

EOE

Candidates can apply by visiting our website at www.anico.com or by e-mail to chelsea.mueller@anico.com or alvin.tran@anico.com

Aporia Solutions, Inc. a Houston based IT auditing firm is seeking a senior IT security consultant.  This is a new full time position within the company.

The security consultant will provide audits and assessment for IT internal, external and wireless networks, Web application security assessment and consulting to clients to achieve superior security posture.

The consultant is expected to work individually and part of a team to manage all aspects of assessment, analysis and reports from inception to completion.

Travel is expected from 30-50% of time within Texas.  

Overall between 5 to 10 years of professional experience is desired, some of which must be in a client service capacity.

Required
* Experience in strong technical and consulting skills with subject matter expertise in the following specialties: penetration testing, application security assessments  
* Good understanding of computer security related fields, including security implementation, network security operations, security policy and security technology administration
* Readiness to travel within Texas
* Good English speaking and writing skills

Preferred
* Bachelor's Degree in Information Technology
* Certified in Certified in CISSP, CISA, GCIA or QSA.

Aporia is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, or veteran status.

Please submit your resume to Ashish Gupta at agupta@aporiasolutions.com.

Position Summary:

Under general direction, responsible for conducting and documenting complex information technology audit projects independently. Ensures accuracy of data and promotes operational efficiency. Provides technology support and in-service training for staff on the use of specialized audit software.

Immediate Supervisor:   Manager, Internal Audit

Illustrative Duties:

Plans for and performs information systems audits and reviews in accordance with professional standards. Performs non-IT related audits and reviews as assigned.

Ensures appropriate controls exist, obtains evidentiary data, prepares work papers and drafts reports of conclusions, findings and recommendations.

Provides consultation to the technology and information systems department on systems development and implementation of major computer systems.

Appraises the adequacy of corrective actions taken to improve deficient conditions. Prepares a formal report on the corrective action to management.

Performs external audit activities as assigned in accordance with agreement with external auditors.

Reviews property value study to determine whether a protest is necessary and assists in such protest.

Attends professional development training to keep informed of current best practices in auditing and accounting maintains professional certifications and/or licenses. Performs other job-related duties as assigned.

Position Requirements:

Education: Bachelor's Degree

Experience: 3 to 5 years

Other Requirements:

TYPE OF SKILL AND/OR REQUIRED LICENSING/CERTIFICATION
PeopleSoft, SAP, Microsoft Office
Office equipment (e.g., computer, copier)
Certification as a Certified Information Systems Auditor (CISA) preferred

LEADERSHIP RESPONSIBILITIES
No supervisory or direct people management responsibilities. May provide occasional work guidance, technical advice and training to staff.

WORK COMPLEXITY/INDEPENDENT JUDGMENT
Work is substantially complex, varied and regularly requires the selection and application of technical and detailed guidelines. Independent judgment is required to identify, select, and apply the most appropriate methods as well as interpret precedent. Position regularly makes recommendations to management on areas of significance to the department. Supervision received typically consists of providing direction on the more complex projects and new job duties and priorities.

BUDGET AUTHORITY
Participates in a group plan and/or budget development.

PROBLEM SOLVING

Decisions are made on both routine and non-routine matters with some latitude, but are still subject to approval. Job is occasionally expected to recommend new solutions to problems and improve existing methods or generate new ideas.

IMPACT OF DECISIONS

Decisions have minor, small and possibly incremental impact on the department or facility. Errors are usually discovered in succeeding operations where most of the work is verified or checked and is normally confined to a single department or phase of the organizational activities resulting in brief inconvenience.

COMMUNICATION/INTERACTIONS
Information sharing - gives and receives information such as options, technical direction, instructions and reporting results. Interactions are mostly with customers, own supervisor and coworkers in own and other departments.

CUSTOMER RELATIONSHIPS
Takes routine or required customer actions to meet customer needs. Responds promptly and accurately to customer complaints, inquiries and requests for information and coordinates appropriate follow-up. May handle escalated issues passed on from coworkers or subordinates.

WORKING/ENVIRONMENTAL CONDITIONS
Work is normally performed in a typical interior work environment which does not subject the employee to any hazardous or unpleasant elements.
Ability to carry and/or lift less than 15 pounds.

Please apply online here

About HP Technology Services

HP Consulting is a global business integrator delivering solutions with power, speed, passion, and precision.

Through a team of 6,000 exceptionally talented Consultants and Project Managers in 110 countries, we offer global technology solutions to multi-national, multi-site enterprise businesses in industries as diverse as financial services, manufacturing, telecom, automotive, networking, IT, CRM and e-commerce. Our work--your work--helps clients realign their IT strategies and maximize technology's ability to create or capitalize on business opportunities.

About the Role

Ability to travel 75% is mandatory.

Also mandatory is the possession of one of these certifications in current active status: CISSP, CISM, CRISC, CISA.

In this entirely customer-facing role, you will help customers define and implement complex integrated solutions that optimize their technology to secure, support, and grow their business. You'll make significant contributions to the overall success of projects, whether the optimum solutions involve people, processes, or technology.

Delivering tremendous differentiated and perceived value to customers, you'll ensure that HP provides them with the best overall service experience in the industry…you will not only ensure that projects run to plan, but also identify opportunities to provide even greater value through expanded engagements or new consulting opportunities.

This will involve solving diverse and complex problems, working exceptionally closely with customers, sharing knowledge, leveraging HP's experience and technology, and driving the creation of structured intellectual capital.

For details, open the attached job description or Apply online and search for Jobs at the HP Job Board

     Also contact: ec.gee@hp.com

Back to TOP of Page

Info Security Governance and Risk Managment Program Lead

HP Technology Services (Houston, Texas)

InfoSec Governance and Risk Management Program Lead—Houston TX

A CISSP, CRISC, or CISM certification is mandatory.

Requires up to 100% travel.  

Position is based out of Houston TX.  Relocation assistance negotiable.

 RESPONSIBILITIES

Chief Security Architect--IT Governance, Risk, and Compliance (GRC)

Our Security & Risk Management Solutions are based on HP's Information Security Service Management Reference Model (ISSM-RM), which encompasses Business, as well as IT risk management, security program design, and security control management as well as enterprise security architecture design. 

A Chief Security Solutions Architect (SSA) must be able to understand our client's desired end-state, translating their requirements to Security Solutions resulting in an architected solution to meet the client's needs.  The Chief SSA is a leadership role and may direct the activities of several other security technical consultants. 

The Chief SSA's primary role is best defined as a trusted advisor to the client's executive team, recommending appropriate and pragmatic security solutions positioned to address the client's risk profile.  The Chief SSA owns the technical and executive client relationship during detailed design and implementation phases to address changes in customer requirements and to ensure customer requirements and quality are met by the delivery team.  

The Chief SSA produces conceptual, operational, and technical architectures required to deliver comprehensive security solutions.   In addition, develops the scope of work (SOW) estimating the level of effort required for implementation.  The Chief SSA provides content knowledge in leading the consulting sales and delivery effort (without a direct reporting relationship to that function).  

Primary responsibilities include:

1.      Support Sales of IT Security Solutions - A competent Chief SSA is expected to independently serve as content knowledge expert on HPC's Security & Risk Management Solutions with external Tier 1 Corporate and Enterprise customers.   This will involve activities focused on building credibility with clients, proposal preparation, development and delivery of executive level customer presentations.  In this function, a competent SSA is expected to support the close of at least 50% of qualified new leads and 75% of follow-on opportunities.  A new hire is expected to assume the full Chief SSA role within 60-90 days.

2.      Serve as Lead Architect of IT Security Solutions - A competent Chief SSA is expected to lead the delivery effort serving as Lead Architect on client engagements, and should achieve at least 65% customer billable time architecting Security & Risk Management solutions, in addition to their presales activities.

3.      Maintain State of the Art Skills in IT Security Solutions - A Chief SSA is expected to take responsibility for updating their technical, consultative, and business skills, including knowledge related to security standards, regulations and defense-in-depth technologies.

4.      Mentor Technical Consultants - The Chief SSA will also have responsibility to mentor and coach other consultants within the practice.

5.      Contribute to HP Intellectual Property and Knowledge - An IT Chief SSA has the responsibility to ensure re-use of current HP intellectual property (IP) during delivery and ensure that all engagement-developed collateral from pre-sales and delivery is submitted into the practice knowledge repository.  The Chief SSA also leverages available collateral for efficient delivery.  May also lead the development of new sales/delivery tools and methodology.

REQUIRED EXPERIENCE

A CISSP or CISM certification is mandatory.  

Additional IT security certifications desirable.

The ideal candidate will meet or exceed the following requirements:

• 8+ years experience developing comprehensive GRC enterprise architectures and designing, integrating and implementing security programs linked to business processes with a clear vision and well defined goals.  
• Deep knowledge of ISO27001/27002 or NIST
• At least one of the following certifications:  CISM, CRISC, CISSP
• Expert level knowledge of ITIL V3
• Deep experience in ITSM
• Strong working knowledge of TOGAF and/or COBIT
• 5+ Years of relevant experience in large Enterprise Risk Management program leadership
• Experience working enterprise engagements with companies of significant scope ($10B+ in revenue, 5K+ employees)
• Experience with internal/external Security Operations centers
• Experience in Business Continuity
• Possesses a broad understanding of general security technologies, including operating systems, network security (firewalls, VPNs, IPSec), Security Event Management, Business Continuity, physical security, cryptography, Identity Management, PKI, directory services, etc.

• Has developed a complete corporate Information Security Program strategy, written corporate security policies, standards and procedures.  
• Has architected comprehensive security strategic design plans, frameworks, and project approaches according to established methodologies.
• Possesses deep understanding of security fundamentals.
• Can clearly demonstrate the ability to assess current vulnerabilities and threats, and to develop needed security policies, controls, remediation, and countermeasures.
• Demonstrates fluency with GRC tools and implementation of corporate security programs.
• Excellent communication skills (written and verbal) for interacting with all management levels within a customer organization.
• Excellent interview and documentation skills.

In addition, is able to:

• Build trusted advisor relations with CXOs at large multi-national corporations
• Identify key decision makers and project supporters.
• Create high-quality deliverables.  
• Leverage ITIL standards applied to security.
• Demonstrate sustainable and influential results and accomplishments.
• Assess compliance of security policies and practices in accordance with regulations such as Sarbanes Oxley, NERC CIP, PCI DSS, FISMA, GLBA and HIPAA. 
• Map regulations to common controls framework and in-depth understanding of the ISO 27001 standards.  
• Facilitate workshops with executive level presentations.  

For details, open the attached job description or Apply online and search for Jobs at the HP Job Board

     Also contact: ec.gee@hp.com