Cybersecurity Risk Lead (IT Audit)

Cybersecurity Risk Lead (IT Audit)

  • Location BENTONVILLE, AR
  • Career Area Technology & Software Development
  • Job Function Cybersecurity
  • Employment Type Full Time
  • Position Type Salary
  • Requisition 952823BR

What you'll do at

Does the combination of Cybersecurity, Audit, and Risk at the Fortune 1 company sound like the challenge you’ve been craving? If so, our industry leading team is looking for you.

Walmart InfoSec is seeking a Cybersecurity Risk Lead (IT Audit) to join our Bentonville, Arkansas team. The InfoSec Assessment Team is responsible for providing assurance that information security directives: support business objectives, are consistent with regulatory and industry standards, meet or exceed best practices, and adhere to enterprise policies and internal controls; all in an effort to manage the risk to the enterprise associated with use of its information assets.

The Cybersecurity Risk Lead (IT Audit) provides support by analyzing, monitoring, and assisting with remediation of IT security risks and vulnerabilities using various standards and tools (for example ISO, NIST, COBIT, CMM).

The incumbent will be expected to demonstrate up-to-date expertise and apply it to the development, execution and improvement of processes and action plans. They will also: provide advice and guidance to others in the application of related information and best practices, support and align efforts to meet customer and business needs, and build commitment for perspectives and rationales.

Key Competencies
• Knowledge of current industry methods for evaluating, implementing, and disseminating information technology (IT) security assessment, monitoring, detection, and remediation procedures utilizing standards-based concepts and capabilities.
• Knowledge of risk management processes (e.g. methods for assessing and mitigating risk).
• Knowledge of computer networking concepts and protocols and network security methodologies.
• Knowledge of Cybersecurity and privacy principles.
• Knowledge of business operations and processes.
• Knowledge of evaluation and validation techniques.
• Knowledge of different risk management frameworks.
• Ability to work with people at various levels and in diverse roles (e.g., technical experts, executives).
• Ability to adapt quickly and simultaneously manage many ongoing tasks associated with multiple projects
• Ability to apply confidentiality, integrity, and availability principles.
• Ability to interface with customers.
• Ability to prepare test and evaluation reports.
• Ability to assess security controls based on Cybersecurity principles and tenets. (e.g., ISO 27001/27002, NIST SP 800-53, Cybersecurity Framework, etc.).
• Ability to perform impact/risk assessments.
• Ability to manage client relationships, including determining client needs/requirements, managing client expectations, and demonstrating commitment to delivering quality results.
• Ability to prepare and present briefings.

Key Tasks
• Review authorization and assurance documents to confirm that the level of risk is within acceptable limits.
• Verify that application software/network/system security postures are implemented as stated, document deviations, and recommend required actions to correct those deviations.
• Perform security reviews, identify gaps in security architecture, and develop a security risk management plan.
• Perform risk analysis (e.g., threat, vulnerability, and probability of occurrence).
• Ensure that plans of actions and milestones or remediation plans are in place for vulnerabilities identified during risk assessments, audits, inspections, etc.
• Assess the effectiveness of security controls.
• Verify and update security documentation reflecting the application/system security design features.
• Plan and conduct security reviews.

Travel
• Travels up to 30% domestically or internationally to and from multiple facilities or work-sites during the workday.

Minimum Qualifications

  • Bachelor s degree in Computer Science, Information Technology, Engineering, Computer Information Systems, or risk related field and 4 years' experience in information technology or risk related field within the last 10 years OR 6 years' experience in information technology or risk related field within the last 10 years.

Preferred Qualifications

• Previous experience implementing or conducting NIST 800-53 and/or NIST Cybersecurity Framework based assessments
• 3 years’ experience in investigations, audits, or assessments, evidence handling, and document collection and retention consistent with judicial best practices.
• 2 years’ experience with risk frameworks (e.g. ISO 27001, NIST, COBIT etc.).
• 1 year experience with current and emerging technologies (for example, mobile, cloud, federation, network, cryptography, firewalls, security technologies, intrusion detection/prevention devices, penetration testing, architecture).
• CISA, CISSP and other related certifications.

About Walmart

At Walmart, we help people save money so they can live better. This mission serves as the foundation for every decision we make, from responsible sourcing to sustainability—and everything in between. As a Walmart associate, you will play an integral role in shaping the future of retail, tech, merchandising, finance and hundreds of other industries—all while affecting the lives of millions of customers all over the world. Here, your work makes an impact every day. What are you waiting for?
Walmart Associate
"I feel like my manager wants to help me become a better developer and a better person overall."
— Roel, Program Analyst

Hello, NW Arkansas

With over 200 miles of trails, an emerging locally-sourced food scene, the world-renowned Crystal Bridges Museum—NWA has something for everyone.

Discover NW Arkansas
Northwest Arkansas
NWA Crystal Bridges Museum of American Art

All the benefits you need for you and your family

  • Multiple health plan options
  • Vision & dental plans for you & dependents
  • Associate discounts in-store and online
  • Financial benefits including 401(k), stock purchase plans and more
  • Education assistance for Associate and dependents

Recently viewed jobs