Senior InfoSec Governance Specialist
- Location BENTONVILLE, AR
- Department Technology & Software Development
- Team Information Technology
- Employment Type Full Time
- Position Salary
- Requisition 894168BR
What you'll doDo you believe the pen is mightier than the sword; even in the arena of cybersecurity and risk management? Does tackling cybersecurity and risk at the Fortune 1 company through implementation of best-in-class governance sound like the challenge you’ve been craving? If so, we’re looking for you!
Walmart InfoSec is seeking a senior information security governance specialist to join our Bentonville, Arkansas team. The InfoSec governance team is responsible for providing assurance that information security directives: support business objectives, are consistent with regulatory and industry standards, meet or exceed best practices, adhere to enterprise policies and internal controls, and clarify roles and responsibility for execution; all in an effort to manage the risk to the enterprise associated with use of its information assets.
The senior InfoSec governance specialist provides and supports the implementation of security governance by assisting in the process of governance administration and maintenance; ensuring familiarity with Walmart InfoSec directives; modeling various governance concepts (for example, ITIL, COBIT, Six Sigma, CMM); and developing recommended remediation for gaps in security governance and policies through collaboration and consensus building.
The incumbent will be expected to demonstrate up-to-date expertise and apply it to the development, execution and improvement of action plans. They will also: provide expert advice and guidance to others in the application of related information and best practices, support and align efforts to meet customer and business needs, and build commitment for perspectives and rationales.
• Broad knowledge of IT and intermediate knowledge of IT security and risk management subjects
• Proven ability to work with people at various levels and in diverse roles (e.g., technical experts, executives) to produce enforceable governance understandable by its intended audience
• Intermediate knowledge of governance frameworks (especially COBIT) and common standards bodies (especially NIST and ISO)
• Writing appropriately for various audiences
• Reading for deep comprehension with the ability to provide executive summarization (including for complicated documents such as legal documents, laws, regulations, etc.)
• Excellent grammar, style and formatting skills for various types of written content
• Proven success working with communications and awareness professionals to produce educational material tied to directives
• Proven success working with higher level governance organizations to ensure alignment with governing standards and processes
• Proven experience conducting research into governance questions from a broad spectrum of customers and providing an accurate and timely response
• Ability to see the broader picture and where InfoSec directives fit into it and each other
• Demonstrated ability to drive improvement and reduce complexity and redundancy, preferably using mature methods such as Six Sigma or Lean
• Highly organized and adept at simultaneously managing many ongoing tasks associated with multiple projects
• Analyze organizational information security policy
• Author InfoSec policy and other governance documents
• Ensure InfoSec directives are maintained and reviewed in accordance with company standards
• Assess governance needs and collaborate with stakeholders to develop directives to drive company and organizational activities
• Ensure established strategy intrinsically drives organizational governance
• Identify organizational policy stakeholders, and establish and maintain appropriate working relationships and communication channels
• Provide InfoSec policy guidance to IT management, staff and users
• Research applicable laws, statutes, regulations and standards, and integrate them into policy as appropriate
• Manage deviations from InfoSec governance, including evaluation of the risk associated with approving such requests
- Bachelor s degree in Computer Science, Information Technology, Engineering, Computer Information Systems, or risk related field and 2 years' experience in information technology or risk related field within the last 7 years OR 5 years' experience in information technology or risk related field within the last 7 years OR a Master's degree in Computer Science, Information Technology, Engineering, Computer Information Systems, or risk related field.
CISSP (with ISSMP a plus)
"I feel like my manager wants to help me become a better developer and a better person overall."
Hello, NW Arkansas
With over 200 miles of trails, an emerging locally-sourced food scene, the world-renowned Crystal Bridges Museum—NWA has something for everyone.Discover NW Arkansas
Crystal Bridges Museum
Celebrate the American spirit in a setting that unites the beauty of art and the power of nature.
Walton Arts Center
Arkansas' premiere center for visual arts and entertainment.
An interactive children's museum that's fun for the whole family.
42 acres of premiere public garden space.
Devil's Den State Park
Located on 2,500 acres, Devil's Den State Park is the perfect place to explore Arkansas' natural beauty.
- come together
The best of shopping and restaurants, right in the heart of Fayetteville.
All the benefits you need for you and your family
- Multiple health plan options
- Vision & dental plans for you & dependents
- Associate discounts in-store and online
- Financial benefits including 401(k), stock purchase plans and more
- Education assistance for Associate and dependents