Risk Specialist - Information Security

Eaton's Corporate Sector division is currently seeking a Risk Specialist - Information Security.

The Risk Specialist supports information security and cybersecurity risk assessments across the organization, documents compliance with regulatory requirements and information security policies, and helps maintain reports on information security metrics. They will gain a solid understanding of company security guidelines and procedures and will analyze assessments to calculate risk to the organization as well as maintaining inventory of previously assessed risks and exceptions. The Risk Specialist will collaborate with process owners, internal auditors, external auditors, and other stakeholders in order to assist in reviewing, monitoring, and resolving findings. The Risk Specialist will also contribute to the transformation of the company's IT compliance program.

The expected annual salary range for this role is $105000.03 - $154000.04 a year.

Please note the salary information shown above is a general guideline only. Salaries are based upon candidate skills, experience, and qualifications, as well as market and business considerations.

What you'll do:

Basic qualities necessary for success in this role include the capacity to remain flexible and attentive under stress while handling several deliveries under strict goal delivery deadlines. You need to have a solid understanding of technology, risk, and security, in addition to strong organization skills and the ability to feel comfortable speaking to upper management and giving presentations.

• 
  

  Level 2 risk assessments for GRC requests.

  
  


• 
  

  Maintain inventory of key risk indicators, key performance indicators, and other cyber security insights derived from multiple information sources.

  
  


• 
  

  Track enterprise compliance across multiple security frameworks and maintain records of requirements and mitigating controls.

  
  


• 
  

  Support routine monthly reporting with an emphasis on control and final delivery of the written components of the report, maintaining high standards of output.

  
  


• 
  

  Draft report content from initial concept to finished product, including associated technological risk assessments, technical concept summaries in business terminology, information follow-ups, grammar and spelling format, etc.

  
  


• 
  

  Assist Risk Senior Specialist to drive the metrics and reporting program to a higher degree of maturity by performing technological risk analysis and examining documentation in the development of new measurements and the maintenance of existing metrics.

  
  


• 
  

  Suggest new reports, communication, and reporting methods.

  
  


• 
  

  Conduct the annual metrics inventory review.

  
  


• 
  

  Maintain the quarterly risk dashboard, the annual operational risk assessment, and the maintenance of the risk profile statement.

  
  


• 
  

  Build metrics and reports in collaboration with business partners across the enterprise.

  
  


• 
  

  Assist advising business and technology leaders of complex technological ideas and related risk analysis findings.

  
  


• 
  

  Work together with key partners to advance projects and objectives by fostering consensus and influencing decision-making.

  
  

#LI-AL9

Qualifications:

Bachelor's Degree from an accredited institution.

• 
  

  5+ years of experience with cybersecurity or information security governance

  
  


• 
  

  Experience creating metrics (KPI/KRI) and reporting, including creating and displaying reports

  
  


• 
  

  Experience conducting technology and cybersecurity risk assessments and creating risk profiles

  
  


• 
  

  Knowledge of security policies, standards, and practices

  
  


• 
  

  Strong knowledge of the network security, infrastructure, operations, and systems of information technology

  
  


• 
  

  Adaptable with exceptional organizational skills

  
  


• 
  

  Ability to collaborate effectively with people at all levels of leadership

  
  


• 
  

  Excellent written communication skills, including the capacity to modify one's writing style for various audiences and media and to express technical ideas using non-technical language

  
  


• 
  

  Must be legally authorized to work in the United States without sponsorship now or in the future.

  
  


• 
  

  This position requires use of information or access to hardware which is subject to the International Traffic in Arms Regulations (ITAR). All applicants must be U.S. persons within the meaning of ITAR. ITAR defines a U.S. person as a U.S. Citizen, U.S. Permanent Resident (i.e. 'Green Card Holder'), Political Asylee, or Refugee

  
  


• 
  

  No relocation benefit is being offered for this position. Candidates must reside within a 50-mile radius of Eaton US-Core location to be considered for this opportunity.

  
  

Preferred qualifications:

• 
  

  Experience with PowerBI

  
  


• 
  

  Certification in CISSP, CRISC, or CISM

  
  

Skills:

• 
  

  Thorough understanding of risk management frameworks such as NIST, CMMC, and ISO 27001

  
  


• 
  

  Knowledge of Governance, Risk, and Compliance (GRC)

  
  


• 
  

  Intermediate technical knowledge and solid understanding of computer hardware and software, data management, application programming, data communications, operating systems, utilities and data security."

  
  


• 
  

  Ability to relentlessly drive to solution that enables the business within risk appetite.

  
  


• 
  

  Excellent communication and presentation skills.

  
  


• 
  

  Patience and empathy working with mentees and people new to Agile.

  
  


• 
  

  Comfortable working directly with both technical and non-technical audiences.

  
  


• 
  

  Interact effectively with senior leadership.

  
  


• 
  

  Excellent listening skills with the intention of understanding.

  
  


• 
  

  Experience working with diverse, global cultures, organizations and teams.

  
  


• 
  

  Comfortable working with and coordinating cross-functional teams.

  
  


• 
  

  An influencer, pragmatic, and able to simplify complex information translating into business terms."

  
  

We are committed to ensuring equal employment opportunities for all job applicants and employees. Employment decisions are based upon job-related reasons regardless of an applicant's race, color, religion, sex, sexual orientation, gender identity, age, national origin, disability, marital status, genetic information, protected veteran status, or any other status protected by law.

Eaton considers qualified applicants regardless of criminal histories, consistent with local laws. To request a disability-related reasonable accommodation to assist you in your job search, application or interview process, please call us at 1-800-###-#### to discuss your specific need. Only accommodation requests will be accepted by this phone number.

We know that good benefit programs are important to employees and their families. Eaton provides various Health and Welfare benefits as well as Retirement benefits, and several programs that provide for paid and unpaid time away from work. Click here ( Benefits updated 10.24.22.pdf) for more detail: Eaton Benefits Overview. Please note that specific programs and options available to an employee may depend on eligibility factors such as geographic location, date of hire, and the applicability of collective bargaining agreements.