Security Engineer, Governance Risks and Compliance

Delta Air Lines - Atlanta, GA

posted 7 days ago

Full-time - Mid Level
Atlanta, GA
Air Transportation

About the position

The Security Engineer - Governance, Risk, and Compliance, is a creative, well-rounded communicator who excels at the strategy and the tactics necessary to ensure that the Information Security Governance team is effectively changing organizational behavior, fostering a secure culture, and reducing security risk through well documented and communicated policies, standards, and information security metrics. This is a people-focused position with an opportunity to assist in creating new processes and solutions and drive results within a team responsible for transforming the way Information Security supports our business and helps protect the information our customers, employees and business partners entrust to our care. We believe that Delta's people play a critical role in our cyber threat defense and maintaining a vigilant and security-aware workforce is the best strategy for detecting and thwarting cyber-attacks, running a successful operation, serving our customers, and maintaining a world class workforce. In this role, you'll partner closely with others in the Information Security Division to drive aligned results and solve the big problems.

Responsibilities

  • Provide Policy and Standards subject matter leadership through the development and maintenance of Delta's Information Security policies, standards, and procedures.
  • Improve Delta's security positioning through process improvement, policy, automation, and the continuous evolution of capabilities.
  • Manage human risk and develop a strong security-driven culture where security is part of every employee's day-to-day operation and attitudes.
  • Analyze and identify the top human risks to the organization and the behaviors that must change to mitigate those risks.
  • Develop, review, implement, and maintain a security awareness training programs to mitigate human risks.
  • Ensure security awareness programs meet all industry regulations, standards, and compliance requirements.
  • Develop Key Performance Indicators (KPIs) and Key Risk Indicators (KRIs) for a metrics dashboard to track and report operational capabilities, success factors, risks, threats, and compliance metrics.
  • Ensure up to date process and procedure documentation for the team.
  • Identify process improvement/automation opportunities and innovate new ways of doing things.
  • Communicate, and deliver, the value of Information Security throughout all of Delta.
  • Work as a member of the broader GRC, IT and Delta teams.

Requirements

  • Have exceptional communications skills and the ability to tell powerful and compelling stories through excellent writing skills.
  • Demonstrated customer focus - evaluates decisions through the eyes of the customer.
  • Ability to create metrics, documentation, presentations, and procedures that communicate results effectively.
  • Organized and detail-oriented, able to work well under deadlines in a changing environment.
  • Must have a high degree of initiative and the ability to manage multiple tasks.
  • Strong interpersonal, problem solving, prioritization, presentation, and facilitation skills.
  • Demonstrated ability to work independently and with others.
  • Experience with creating and writing security policies or standards in support of organizational security programs.
  • Ability to interact confidently with various levels of technical and leadership positions.
  • Proven experience (3+ years) in governance, risk, or compliance roles in one or more of the following frameworks: PCI-DSS, SOX, NIST 800-171, NIST 800-53, CIS.
  • Consistently prioritizes safety and security of self, others, and personal data.
  • Embraces diverse people, thinking, and styles.
  • Possesses a high school diploma, GED, or high school equivalency.
  • Is at least 18 years of age and has authorization to work in the United States.

Nice-to-haves

  • Bachelor's degree or higher in a relevant field (information systems, cybersecurity, communications, behavioral science, and/or computer science).
  • Experience across Information Security and IT domains such as Governance, Risk, and Compliance, IT operations, incident response, identity and access management, penetration testing, vulnerability scanning, e-discovery & forensics, application development, infrastructure, or technical support.
  • Exposure to and familiarity with relevant standards such as ISO/IEC 27001 and 27002, NIST 800, and COBIT.
  • Experience in developing executive presentations or status communications for multiple organization roles.
  • A history of driving transformational change and building relationships across IT and the Business.
  • Creative and visual skills including graphic, web, print and slide design.
  • Working knowledge of scripting languages (e.g., Python, PowerShell) for automating tasks.
  • Excellent analytical and problem-solving skills.
  • Meticulous attention to detail and accuracy.
  • CISSP, CISA, CISM, Security+ or other relevant security certifications.
  • Experience with RSA Archer or equivalent GRC tool.

Benefits

  • Competitive salary, industry-leading profit sharing program, and performance incentives.
  • 401(k) with generous company contributions up to 9%.
  • New hires are eligible for up to 2-weeks of vacation.
  • In addition to vacation, new hires are eligible for up to 56 hours of paid personal time within a 12-month period.
  • 10 paid holidays per calendar year.
  • Birthing parents are eligible for 12-weeks of paid maternity/parental leave.
  • Non-birthing parents are eligible for 2-weeks of paid parental leave.
  • Comprehensive health benefits including medical, dental, vision, short/long term disability and life insurance benefits.
  • Family care assistance through fertility support, surrogacy and adoption assistance, lactation support, subsidized back-up care.
  • Holistic Wellbeing programs to support physical, emotional, social, and financial health.
  • Domestic and International space-available flight privileges for employees and eligible family members.
  • Career development programs to achieve your long-term career goals.
  • World-wide partnerships to engage in community service and innovative goals created to focus on sustainability.
  • Business Resource Groups created to connect employees with common interests to promote inclusion.
  • Recognition rewards and awards through the platform Unstoppable Together.
  • Access to over 500 discounts, specialty savings and voluntary benefits through Deltaperks.
Job Description Matching

Match and compare your resume to any job description

Start Matching

Tools

Career Hubs

Guides

Company

© 2024 Teal Labs, Inc
Privacy PolicyTerms of Service