About the Company:
Founded in 1874 on the belief that water boilers in textile mills shouldn't explode. What started with a pressure relief valve in a tiny New England machine shop has paved the way for today's high-quality, worldwide water solution technologies. From melting ice on entire city blocks from the ground up, to filtering safe drinking water in isolated, weather disaster zones, the company makes the world a safer and cleaner place.
A global leader of quality water solutions for residential, industrial, municipal, and commercial settings. The family of brands offers one of the most varied product lines in the world, with world-class, water-related solutions focused on:
HVAC and Hot Water
Plumbing & Flow Control
Water Quality & Rainwater Harvesting
Figure out inherent risks of current and prospective third-party products, services and data partnerships
Design and execute third-party security assessments and prioritize control remediation as appropriate
Review processes and build metrics that help educate internal organizational leaders on their third parties’ information security profiles
Demonstrate strong knowledge in IT controls, risk assessments, gap assessments and the design and testing of security controls
Work with external audit teams for NIST, PCI, SOC and other audits
Bachelor’s degree in Information Security, Computer Science, Management Information Systems or related field preferred.
Professional certifications in Information Security or Risk Management (e.g., CTPRA, CTPRP, CISA, CISM, CRISC, or CISSP)
Minimum 5+ years of related work experience in Information Security GRC or relevant Audit or Compliance roles.
Familiar with information security frameworks (e.g., ISO 27001/2, SOX IT Controls, COBIT, SOC 2 Trust Principles, PCI DSS, NIST 800-53/CSF).
Prior experience with conducting and analyzing security risk assessments in complex organizations.
Experience with enterprise security monitoring and vulnerability scanning tools (e.g., Nikto, Netsparker, Nexpose, Qualys or OpenVAS)
Experience organizing tabletop exercises for disaster recovery and incident response
Flexible, adaptable, and able to work easily with other people in a collaborative team environment.
Able to communicate relevant information clearly and concisely both verbally and in writing.
Able to work independently on multi-task assignments in a fast-paced environment with a high sense of urgency.