·        Extreme Networks is seeking a manager to be join the Information Security leadership team to be a thought leader on all aspects of IT Risk Management.  The manager will be responsible for leading, developing, managing, and communicating information security risks across the organization, adopting innovative methods to align with business priorities.  The successful candidate for this position will both be able to champion and develop a governance methodology that informs management of IT risk across the organization; as well as interpret operational security issues and translate them in to business based risk language. This position will requires superior communication, networking, leadership and governance technology skills.

 

 

 Main Requirements:

·        Risk Management

o   Maintain and develop consistent reporting and tracking protocols for identified IT risks including ownership, potential business impact, technical and wider operations implications

o   Review and process policy exception requests

o   Communicate with business leaders, at all levels of the organization, IT risks, potential business value or impact, based on IT Risk Register, using the NIST Cyber Framework as a baseline

o   Track and record IT risks as become aware, including related to the 3rd parties and supply chain

o   Manages configuration and implementation of metrics for risk governance

o   Have a good working knowledge of various technologies including network & organizational security; Encryption, Log Monitoring, Firewall Management, Virus & Malware Protection, Compliance, Access Control, NIPS, NIDS, Physical Security, Surveillance Systems; to be able to understand and have detailed conversation with team to understand and interpret risks

o   Maintains governance leading practices to inform program direction

 

·        Supply Chain IT Risk

o   Develop and improve the maturity and effectiveness of the 3rd party and supply chain IT risk assessment program

o   Ability to interpret supply chain risks in light of business requirements and operations, to determine enterprise risk

o   Create, maintain, and report metrics related to global information security program.

o   Understanding of data privacy and legal requirements as they interconnect with security and 3rd party risk assessments

 

·        Experience running an IT Risk Register, including reporting, escalation and resul interpretation

·        Experience with NIST Cyber Risk Framework and other risk frameworks.

·        Experience with running 3rd Party IT Risk Assessment programs

·        Must have strong planning and organizational skills

·        Ability to grasp complex concepts and be both a big picture thinker and maintain a strong attention to detail

·        Excellent communication and writing skills; accuracy and consistency is important

·        Ability to understand technical jargon and communicate easily to the average user and system engineers

·        Maintain confidentiality of information

·        Must be able to prioritize projects, maintaining a sense of urgency to meet deadlines.

·        Must possess the ability to follow verbal and written directions

·        Must be a self-starter and able to work well in independently and in Team

·        Must be able to use critical thinking skills and judgment

·        Must be able to work positively and professionally with a wide range of personalities

 

 

 

 

Extreme Networks, Inc. (EXTR) creates effortless networking experiences that enable all of us to advance. We push the boundaries of technology leveraging the powers of machine learning, artificial intelligence, analytics, and automation. Over 50,000 customers globally trust our end-to-end, cloud-driven networking solutions and rely on our top-rated services and support to accelerate their digital transformation efforts and deliver progress like never before. For more information, visit Extreme's website or follow us on Twitter, LinkedIn, and Facebook.