• Monitors, analyzes, and remediates IT security risks and vulnerabilities by adhering to defined operating procedures; reviewing metrics to identify outliers, inefficiencies, and non-standard actions associated with operational processes and reporting the findings; identifying improvement opportunities and providing feedback to senior team members and management; and participating in meetings for any initiatives or tasks that will alter current processes.
• Coordinates compliance efforts in one area of regulatory specialty by monitoring the implementation of specific information security controls; ensuring proficiency with regulatory concepts (for example, ISO, SOX, PCI, HIPAA); maintaining an understanding of multiple areas of compliance; managing multiple compliance assessments and remediation processes; identifying security compliance assessment and remediation process improvement; defining and/or implementing solutions to assess compliance and reduce risk; and presenting results and analysis of assessment and remediation activity to senior management.
• Manages the execution of basic security initiatives by prioritizing critical issues for root-cause analysis; ensuring resolution of critical issues; monitoring progress versus plan; escalating complex or difficult issues; utilizing scope-change orders to track changes to the project; minimizing impact of changes (for example, scope, schedule, costs); tracking expenditures and budgets; providing informational presentations; managing stakeholder expectations; holding self and project team accountable for project delivery; developing performance reports; and collaborating with stakeholders to assess costs and establish the return on investment (ROI).
• Manages the implementation of security governance by leading the process of governance administration and maintenance; ensuring familiarity with Walmart Information Security policies, standards, procedures, and best practices; modeling various governance concepts (for example, ITIL, COBIT, Six Sigma, CMM); developing recommended remediation for gaps in security governance and policies through collaboration and consensus building; comparing and contrasting Walmart practices and industry standards; reviewing governance broadly for overlap and inconsistencies of operational, Security, and management practices; and maintaining familiarity with legislative process and pending legislation.
• Analyzes and identifies risk by understanding basic factors of influence to impact and likelihood; building working knowledge and relationship between risk and governance; building expertise in risk analysis in multiple layers of security specialty (for example, Physical, Governance, Technical, etc.); and developing risk mitigation strategies for identified vulnerabilities; representing risk in multiple areas or domains; defining risks based on criticality, frequency, or level of impacts; and reporting to senior management risk observations.
• Builds vendor relations by preparing and executing request for proposals (RFPs); facilitating the vendor selection process; reviewing statements of work; ensuring compliance to vendor contracts; and reporting on vendor contract execution.
• Drives the execution of multiple business plans and projects by identifying customer and operational needs; developing and communicating business plans and priorities; removing barriers and obstacles that impact performance; providing resources; identifying performance standards; measuring progress and adjusting performance accordingly; developing contingency plans; and demonstrating adaptability and supporting continuous learning.
• Provides supervision and development opportunities for associates by selecting and training; mentoring; assigning duties; building a team-based work environment; establishing performance expectations and conducting regular performance evaluations; providing recognition and rewards; coaching for success and improvement; and ensuring diversity aw
Manager's Ideal Candidate Must-Haves:
• BS in technical field of study or 10+ years of Information Security experience
• 5 years’ experience in performing technical risk assessments at an organizational, network and/or solution level;
• Ability to understand and speak to the current cybersecurity threat landscape (and how it applies to our business);
• Excellent communications skills, both verbal and written; and
• Experience working in a fast-paced, highly collaborative environment, using research and analysis to support recommendations and opinions.
• Desired certifications: CISSP, CRISC, CRMA, GCIA, GSEC
• Drives the execution of multiple business plans and projects for Information Systems Division (ISD)
• Ensures business needs are being met
• Leads system and vulnerability analysis and solution resolution.
• Maintains and advances industry expertise
• Mentors information technology Associates
• Promotes and supports company policies, procedures, mission, values, and standards of ethics and integrity
• Provides direction and coordination between large efforts and the technical execution plan
• Provides leadership, technical direction and development opportunities for associates
Minimum Qualifications: Bachelor's degree in Information Technology, Computer Science, or related field and 6 years’ experience in information technology or related field within the last 10 years OR 8 years’ experience in information technology or related field within the last 10 years.