Essential Functions/Responsibilities: 

• Support information security risk management programs. 

• Be the advocate for information security risk management, engage with stakeholders, support the identification of security risks and risk exceptions to treatment. 

• Ensure identified security risks impacting the company are effectively evaluated and communicated.  

• Collaborate with stakeholders on remediation and risk mitigation activities, including tracking and progress of action plans across compliance, policy, and process gap remediation activities and risk mitigation activities in partnership with internal business partners. 

• Manage dashboards that deliver practical, meaningful security risk metrics to internal and external stakeholders. 

• Participate in technical design, process reviews, and support stakeholders in risk identification. 

• Assist in building a security-focused culture through partnership and collaboration with the business, information services, and other risk-related (e.g., Quality, Legal, Compliance, etc.) teams to deliver value and improve the security posture of Jazz. 

• Drive Security Compliance through a quantitative risk framework. 

• Conduct and automate gap assessments for IaaS, PaaS and SaaS. 

• Drive Security Compliance visibility 

• Support a security advocacy program 

Required Knowledge, Skills, and Abilities: 

• A minimum of 3-5 years' experience supporting security (technical and non-technical) risks  

• Excellent written and verbal communication skills; ability to convey security concepts to non-technical audiences (e.g. senior and executive management, internal customers) 

• Ability to articulate and demonstrate a risk-relevant approach for Information Security Risk Management 

• Basic understanding of IT Systems, Network Security Concepts, Cloud Security concepts, Virtualization, Threat and Vulnerability Management, etc. 

• Ongoing familiarity with emerging and prevalent technologies and IT systems 

• Strong analytical, risk-based problem solving and critical thinking skills and the ability to support decisions that balance Information security while also enabling business objectives 

• Ability to work independently on assigned tasks with minimal direction and/or supervision 

• Familiarity with Security Risk Frameworks such as FAIR, OCTAVE or CRAMM 

• Solid understanding and experience with securing IaaS, PaaS and SaaS 

• Understanding of secure code development frameworks and practices 

• Security certifications are a strong plus (CISA, CISSP, CRISC, CISM or equivalent) 

• Demonstrated ability to collaborate with technical and non-technical teams 

• Experience in working in a global cross-functional project team, along with strong technical expertise preferred 

• Experience in automation 

• Experience in security frameworks such as ISO 27001, 27002, 27005; NIST 

• Bachelor's degree preferred