|Date Posted||July 10, 2021|
Location: Trenton, NJ
Description: Our client is currently seeking a Cyber Security Specialist
The candidate must be able to work onsite once the WFH policy is lifted, so local is preferred. Those not local will be considered if they are willing to relocate at their own expense. This must be noted in the comments and on their resume. Please be sure to list the city and state that the candidate currently resides in under their name on the resume.
3+ years of Cyber Analytics
6+ years of Cyber Defense
6+ years of Cyber Security Assessment & Management
6+ years of Cyber Security Knowledge
6+ years of NIST Cybersecurity Framework
The candidate will be working in Ecosystem Security and Protection team at Bristol-Myers Squibb Company. The Ecosystem Security and Protection (ESP) program exists to understand, protect, manage, and mitigate the external risks to BMS from our supply chain, merger/acquisition strategy, geographical strategy, and data privacy regulation/compliance. The Ecosystem Security leader is responsible for leading the execution of the Supply Chain Cyber Risk program, establishing/executing assessment and remediation plans against our vendor ecosystem, and working with other cybersecurity functions to manage supplier, partner, and vendor risk.
- Continued monitoring and management of third-party engagements
- Provide timely response to inquiries from business stakeholders and vital suppliers
- Establish a business partner relationship with key suppliers, partners, and vendors within the BMS ecosystem
-Create a risk report for the leadership team that articulates risk identified during the entire M&A lifecycle.
-Lead Cyber M&A and Divestiture diligence activities in conjunction with other key stakeholders and team members.
- Mature the overall Mergers & Acquisitions due diligence processes, framework, methodology, and approach
-Lead comprehensive assessments to determine counterparty security profile
-Assess counterparty's maturity of security program through examination of security documentation, review of processes,
and interviews with key staff
-Identify gaps, assess risk, and develop remediation action plans
-Assist with the development of integration plans for acquired companies
- Actively participate in meetings and conversations around operations and configuration, and create actionable requests
and change management oversite.
- Collaborate with other Security Operations teams to manage requests.
- Provide metrics and reports related to the Cybersecurity platforms and tools.
- High level of progressively responsible experience as a risk professional
- High level of experience evaluating and managing supplier risk
-Experience defining, monitoring, and reporting Cybersecurity metrics
-Experience contributing to Cybersecurity policies and Standard Operating Procedures
-CISSP or equivalent security certification preferred.
-Excellent communication skills, both written and verbal are required.
Contact: [Click Here to Email Your Resumé]