What are the responsibilities and job description for the IT Operations Senior Specialist, Security - Audit position at Urban Science?
We are Automotive Business Scientists. We empower our clients to turn overwhelming industry data into discovery, action and measured success. We are unique market leaders because we find and examine possibilities through the clarity of a scientific lens. To solve the toughest client challenges, we need curious, creative and dedicated people to join our team.
We search out individuals who align with our core values and who adhere to the highest standards of integrity and ethics in everything they do. Our company is filled with the brightest minds and the biggest hearts at every level. We recognize that personal success takes on many different forms of the course of our lives - both professional and personally - so we provide a myriad of benefits and programs focused on Wellbeing, Growth, Community and Recognition. One size does not fit all, so we encourage every Urban Scientist to discover their own formula for success. If this sounds like the kind of company you would like to work with, Apply Now!
Position Overview
The IT Operations Senior Specialist, Security works as an integral part of the Urban Science Security Team to protect the confidentiality, integrity and availability of company and client information assets. This individual will support ISO certified information, privacy, and environmental management systems - based on ISO 27001, 27701, and 14001 Standards. This includes management of the assessable asset catalog, risk/vulnerability assessment of information assets, risk management to full remediation and closure, and provision of ISMS/risk metrics and reporting.
Workplace flexibility has taken on a whole new meaning here at Urban Science. The requirements of each team, role and employee can look quite different. Leaders work with their teams to determine the right balance for working in-person and remotely, considering the needs of the business, our clients, cross-functional projects, individual work, and individual preference. This role has current Hybrid Workplace flexibility local to our Detroit, MI office location. Candidate must be available and willing to work in-person once a month, and ad hoc as needed.
URBAN SCIENCE DOES NOT AND WILL NOT PROVIDE IMMIGRATION RELATED SPONSORSHIP FOR THIS ROLE, NOW OR IN THE FUTURE.
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
This description is intended to describe the type and level of work being performed by a person assigned to this position. It is NOT an exhaustive list of all duties and responsibilities required by a person so classified. The job may require additional hours beyond a traditional 40-hour workweek.
We search out individuals who align with our core values and who adhere to the highest standards of integrity and ethics in everything they do. Our company is filled with the brightest minds and the biggest hearts at every level. We recognize that personal success takes on many different forms of the course of our lives - both professional and personally - so we provide a myriad of benefits and programs focused on Wellbeing, Growth, Community and Recognition. One size does not fit all, so we encourage every Urban Scientist to discover their own formula for success. If this sounds like the kind of company you would like to work with, Apply Now!
Position Overview
The IT Operations Senior Specialist, Security works as an integral part of the Urban Science Security Team to protect the confidentiality, integrity and availability of company and client information assets. This individual will support ISO certified information, privacy, and environmental management systems - based on ISO 27001, 27701, and 14001 Standards. This includes management of the assessable asset catalog, risk/vulnerability assessment of information assets, risk management to full remediation and closure, and provision of ISMS/risk metrics and reporting.
Workplace flexibility has taken on a whole new meaning here at Urban Science. The requirements of each team, role and employee can look quite different. Leaders work with their teams to determine the right balance for working in-person and remotely, considering the needs of the business, our clients, cross-functional projects, individual work, and individual preference. This role has current Hybrid Workplace flexibility local to our Detroit, MI office location. Candidate must be available and willing to work in-person once a month, and ad hoc as needed.
URBAN SCIENCE DOES NOT AND WILL NOT PROVIDE IMMIGRATION RELATED SPONSORSHIP FOR THIS ROLE, NOW OR IN THE FUTURE.
- Support and operations of a global ISO 27001, 27701, and 14001 information security, privacy, and environmental management system.
- Author, update, and manage ISMS documentation set including process descriptions, flow diagrams, checklists, etc.
- Manage annual internal and external audit process including interaction with audit firms, audit/auditor scheduling, participant scheduling and related tasks.
- Manage Security Intranet site including standard SharePoint, Wiki, and Power BI sites.
- Work with virtual security teams on global security implementation, remediation, and improvement projects.
- Manage security corrective action and continuous improvement process including processing nonconformity reports, creation of corrective actions, and managing corrective actions to closure
- Occasionally work with clients and account teams to provide responses to security assessments and questionnaires.
- Support regular risk assessment, controls reviews, gap assessments, and access reviews.
- Provide security/privacy expertise and support to Urban Science business and technical teams.
- Participate in relevant security training events and activities.
- Achieve and maintain relevant technical and operational security skills and certifications.
- Strong knowledge of Microsoft Office products - Word, Excel, PowerPoint.
- Knowledge of current technological developments/trends in area of expertise, and a willingness to continually improve knowledge and skills
- Ability to work in a highly confidential manner.
- Ability to work remotely and occasionally in a shared office environment (in Detroit).
- Ability to work in a highly collaborative team environment using Microsoft Teams.
- Time Management Requires strong capability to prioritize competing demands, manage multiple concurrent tasks and run meetings on schedule
- Project Management Project management skills required, including the ability to estimate work efforts, define work plans, delegate work, monitor progress and report schedule variances and scope changes; requires the ability to follow established internal PMO procedures and present project conclusions; proficiency in MS Project strongly preferred
- Verbal Communication Requires the ability to compose and verbally deliver information of varying levels, using appropriate grammar, tone, inflection and non-verbal cues, while also listening to and correctly deciphering verbal communication delivered by others
- Written Communication Requires the ability and capacity to communicate ideas, facts and data in writing using appropriate grammar, syntax and sentence structure including the ability to create technical documents
- Analytical Thinking/Reasoning Requires the ability to understand a situation by breaking it apart into smaller pieces, and/or tracing the implications of a situation in a step-by-step causal way
- Results Orientation Requires the ability to strive for optimal results by taking responsibility for timeliness, commitment to task and adherence to performance standards
- Ethics/Integrity Requires the ability to behave in a trustworthy & transparent manner
- Teamwork & Cooperation Requires the ability to work cooperatively with others and be part of a team
- Self-Control Requires the ability to keep emotions under control and to restrain from negative actions or behaviors
- Customer Service Orientation Requires the ability to understand and help/assist both internal and external customers and meet their needs
- Flexibility/Adaptability Requires the ability to adapt to and work effectively within a variety of situations, individuals or groups, as well as understand and appreciate different and opposing perspectives
- Conceptual Thinking Requires the ability to understand a situation or problem by putting the different pieces together to see the bigger picture
- Interpersonal Understanding Requires the ability to understand other’s feelings and concerns, and to value individual differences in people
- Organizational Commitment Requires the ability and willingness to align his/her own behavior with the needs, priorities and goals of the organization
- Relationship Building Requires the ability to effectively build and maintain friendly, warm relationships or networks of contacts with clients/customers
- Assertiveness Requires the ability and intent to appropriately display assertive behaviors to ensure others follow and comply with given directions
- Must have a baccalaureate degree in information technology, or related field, from an accredited U.S. college or university, or equivalent foreign institution.
- Must have a minimum of five years relevant work experience.
- Strong understanding of various risk management frameworks, such as ISO 27000, SOC2, ITIL, etc.
- Understanding of global compliance law/regulation (e.g. GDPR, CCPA/CPRA, Privacy Guard, PIPEDA, etc.)
- Knowledge of risk management system like Zen GRC.
- One or more of the following certifications is desirable (or relevant)
- ITIL - Information Technology Infrastructure Library
- ISSAP - Information Systems Security Architecture Professional
- CISA - Certified Information Systems Auditor
- CISM - Certified Information Security Manager
- CRISC - Certified Risk and Information Systems Control
- Cybersecurity Audit Certificate
- ISO Lead Auditor Certification
The work environment characteristics described here are representative of those an employee encounters while performing the essential functions of this job. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
This description is intended to describe the type and level of work being performed by a person assigned to this position. It is NOT an exhaustive list of all duties and responsibilities required by a person so classified. The job may require additional hours beyond a traditional 40-hour workweek.
