Urban Science
IT Operations Senior Specialist, Security - Audit
Urban Science, Detroit, Michigan, United States, 48228
Overview
IT Operations Senior Specialist, Security - Audit role at Urban Science. Supports ISO certified information, privacy, and environmental management systems (ISO 27001, 27701, and 14001). Includes management of asset catalogs, risk/vulnerability assessments, remediation and reporting of ISMS/risk metrics. Hybrid workplace with in-person presence three times per week at the Detroit, MI office. URBAN SCIENCE does not provide immigration sponsorship for this role. Responsibilities
Support and operate a global ISO 27001, 27701, and 14001 information security, privacy, and environmental management system. Author, update, and manage ISMS documentation set including process descriptions, flow diagrams, checklists, etc. Manage annual internal and external audit processes including interaction with audit firms, scheduling, and related tasks. Manage Security Intranet site including standard SharePoint, Wiki, and Power BI sites. Collaborate with virtual security teams on global security implementation, remediation, and improvement projects. Manage security corrective action and continuous improvement processes, including processing nonconformity reports, creating corrective actions, and closing actions. Respond to security assessments and questionnaires as needed with clients and account teams. Support regular risk assessments, controls reviews, gap assessments, and access reviews. Provide security/privacy expertise to Urban Science business and technical teams. Participate in relevant security training events and activities. Achieve and maintain relevant technical and operational security skills and certifications. Qualifications
Strong knowledge of Microsoft Office products (Word, Excel, PowerPoint). Knowledge of current technological developments and a willingness to continually improve knowledge and skills. Ability to work in a highly confidential manner and in a remote and in-person hybrid environment (Detroit). Ability to work in a highly collaborative team environment using Microsoft Teams. Time management and prioritization skills; ability to manage multiple tasks and run meetings on schedule. Project management skills, including estimating work efforts, defining plans, delegation, monitoring progress, and reporting variances; MS Project proficiency preferred. Strong verbal and written communication skills; ability to convey information clearly and create technical documents. Analytical thinking, problem solving, and ethical integrity. Teamwork, adaptability, customer service orientation, and relationship-building abilities. Ability to work with diverse perspectives and maintain organizational commitment. Experience with risk management frameworks (ISO 27000, SOC2, ITIL) and global compliance laws/regulations (e.g., GDPR, CCPA/CPRA, PIPEDA). Knowledge of risk management tools such as ZenGRC is desirable. Education and Experience
Baccalaureate degree in information technology or a related field from an accredited institution, or equivalent. Minimum of five years relevant work experience. One or more of the following certifications is desirable: ITIL, ISSAP, CISA, CISM, CRISC, Cybersecurity Audit Certificate, ISO Lead Auditor Certification. Work Environment
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The description is not exhaustive; duties may expand, and additional hours beyond a traditional 40-hour week may be required. Employment details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology Industries: Automotive
#J-18808-Ljbffr
IT Operations Senior Specialist, Security - Audit role at Urban Science. Supports ISO certified information, privacy, and environmental management systems (ISO 27001, 27701, and 14001). Includes management of asset catalogs, risk/vulnerability assessments, remediation and reporting of ISMS/risk metrics. Hybrid workplace with in-person presence three times per week at the Detroit, MI office. URBAN SCIENCE does not provide immigration sponsorship for this role. Responsibilities
Support and operate a global ISO 27001, 27701, and 14001 information security, privacy, and environmental management system. Author, update, and manage ISMS documentation set including process descriptions, flow diagrams, checklists, etc. Manage annual internal and external audit processes including interaction with audit firms, scheduling, and related tasks. Manage Security Intranet site including standard SharePoint, Wiki, and Power BI sites. Collaborate with virtual security teams on global security implementation, remediation, and improvement projects. Manage security corrective action and continuous improvement processes, including processing nonconformity reports, creating corrective actions, and closing actions. Respond to security assessments and questionnaires as needed with clients and account teams. Support regular risk assessments, controls reviews, gap assessments, and access reviews. Provide security/privacy expertise to Urban Science business and technical teams. Participate in relevant security training events and activities. Achieve and maintain relevant technical and operational security skills and certifications. Qualifications
Strong knowledge of Microsoft Office products (Word, Excel, PowerPoint). Knowledge of current technological developments and a willingness to continually improve knowledge and skills. Ability to work in a highly confidential manner and in a remote and in-person hybrid environment (Detroit). Ability to work in a highly collaborative team environment using Microsoft Teams. Time management and prioritization skills; ability to manage multiple tasks and run meetings on schedule. Project management skills, including estimating work efforts, defining plans, delegation, monitoring progress, and reporting variances; MS Project proficiency preferred. Strong verbal and written communication skills; ability to convey information clearly and create technical documents. Analytical thinking, problem solving, and ethical integrity. Teamwork, adaptability, customer service orientation, and relationship-building abilities. Ability to work with diverse perspectives and maintain organizational commitment. Experience with risk management frameworks (ISO 27000, SOC2, ITIL) and global compliance laws/regulations (e.g., GDPR, CCPA/CPRA, PIPEDA). Knowledge of risk management tools such as ZenGRC is desirable. Education and Experience
Baccalaureate degree in information technology or a related field from an accredited institution, or equivalent. Minimum of five years relevant work experience. One or more of the following certifications is desirable: ITIL, ISSAP, CISA, CISM, CRISC, Cybersecurity Audit Certificate, ISO Lead Auditor Certification. Work Environment
Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions. The description is not exhaustive; duties may expand, and additional hours beyond a traditional 40-hour week may be required. Employment details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology Industries: Automotive
#J-18808-Ljbffr