Leveraging deep integrations into retailers' point-of-sale systems, InComm provides connectivity to a variety of service providers that allow consumers to conduct everyday business at more than 450,000 points of retail distribution worldwide. Whether those consumers are activating prepaid products, paying bills, enjoying real-time discounts through a membership card, purchasing digital goods in-store or adding funds to an online account, InComm is there to provide unique gift-gifting opportunities, cater to on-the-go shoppers, deliver added value through loyalty programs and serve cash-based consumers. With 186 global patents, InComm is headquartered in Atlanta with a presence in over 30 countries in North and South America, Europe and the Asia-Pacific region. Learn more at www.incomm.com or connect with us on www.twitter.com/incomm, www.facebook.com/incomm, www.linkedin.com/company/incomm or www.incomm.com/blog.
About This Opportunity
This position has been designed to serve as an in-house subject matter expert and advisor on Cybersecurity. The key responsibilities for this role will be conducting cybersecurity risk, threat and vulnerability assessments for InComm and its corporate entities, monitoring the effectiveness of risk mitigation strategies, advising the business on best practices and monitoring cybersecurity program performance. The candidate will actively work with Enterprise Data Protection (InfoSec), ERM and IT on risk communications and reporting.
Why InComm? InComm offers an opportunity to work in the interesting niche of fin-tech. We are producing technologies and services that impact consumer shopping in most parts of the world and partner with many of the world's well-known brands and retailers. This is an opportunity to bring your IT and Security knowledge to a to a sector that is constantly evolving, fast paced, and unique.
Execute ongoing cybersecurity risk assessment and maintain associated risk registers
Support assessments and testing of controls for SOC1/SOC2, PCI and other compliance activities
Record and assess threats and vulnerabilities with the company's IT environment
Communicate risk and security issues to multiple stakeholder groups (i.e. translate technical risks into a business context)
Develop reporting on cybersecurity risk profile and cybersecurity effectiveness to the Enterprise Risk Committee
Investigate and analyze significant internal and external risks events
Maintain cybersecurity assessment procedures and ensure procedures align with leading practices and guidance
Collaborate with business stakeholders to advise on application security controls and secure develop practices
Evaluate and assist with security awareness activities
Support risk management activities for third and fourth party cybersecurity risks
Bachelor's degree in information systems, business, computer science or similar degree
5-7 years of experience in risk management, audits, compliance and/or cybersecurity
Certifications such as the CISSP, CISA or CRISC
Knowledge, Skills and Capabilities
NIST cybersecurity framework
Cybersecurity and reporting tools
IT general controls (ITGC) and secure development (SDLC)
CVE and CVSS Risk Scores
OSWAP top ten.
Vulnerability management and Sever System Patching
InComm provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity or national origin, citizenship, veteran's status, age, disability status, genetics or any other category protected by federal, state, or local law.