IT Security Contractor
SUMMARY OF POSITION
Amicus is seeking a highly skilled and motivated Security Professional to join our team. You will be working with other Cyber Security & IT professionals at Amicus to help manage the security, compliance, and governance controls of our organization. Your expertise in Cybersecurity Risk Management and related standards will be essential, working as part of a multi-disciplinary team, as well as individual contributor.
ROLES AND RESPONSIBILITIES
The Cyber Security Professional is responsible for:
1. Compliance and Risk Management:
• Conduct risk assessments and gap analyses to identify vulnerabilities and recommend mitigation strategies.
• Ensure adherence to security policies, controls, and best practices.
2. Governance:
• Establish and manage the security policy framework, including relevant standards.
• Liaise with senior leadership to provide strategic guidance on security governance.
• Oversee security, privacy, contractual, and compliance requirements.
3. Security Controls and Assessments:
• Define and assess security controls based on NIST CSF guidelines.
• Collaborate with internal teams to implement and validate controls.
• Conduct periodic security assessments and audits.
4. Incident Response and Recovery:
• Participate in incident response planning and execution.
• Assist in post-incident analysis and remediation efforts.
5. Vendor and Third-Party Risk Management:
• Evaluate security risks associated with vendors, partners, and suppliers.
• Ensure contractual agreements align with security standards.
6. Improving Documentation:
• Enhance existing security documentation, including policies, procedures, and guidelines.
• Create clear and concise documentation for security processes and practices.
QUALIFICATIONS AND BACKGROUND REQUIREMENTS
Educational Requirements
• University degree in computer science or information technology and/or equivalent 10+ year work experience.
• CISSP, CISM, CRISC or similar IT Security Related certification.
• Strong understanding of security governance, risk management, compliance, privacy/GDPR/CCPA
• Excellent communication skills to collaborate with cross-functional teams and senior leadership.
Technology & Work Experience
• Experience in GRC tool such as OneTrust, DataGrail, TrustCloud.
• ServiceNow or similar ServiceDesk ticketing system
• Microsoft Security Stack (Sentinel, MS 365 Defender and Defender for Cloud, Intune)
• MimeCast or similar email security service
• Rapid7 or similar Vulnerability assessment tool or equivalent
• Cyber Security Awareness experience, preferably with Knowbe4
• Remote Access VPN/Single Sign On, MFA, 2FA solutions
• Malware analysis / Mitre ATT&CK / Anomaly detection
• DocuSign or equivalent electronic signing tool
• Identity Access Management
Location
• This position will be based at 47 Hulfish Street, Princeton, NJ 08542.
We respect and celebrate the diversity of our people, their backgrounds and experiences and provide equal opportunity for all. Our unique experiences, backgrounds and range of cultural perspectives enrich how we approach opportunities, pushing ideas as far and as fast as possible with patients always our top priority. Employee expertise, intelligence, and creativity drives our innovation, and our passion and commitment to excellence. Our “Three Pillars of DEI” are interwoven into our Amicus culture and expands one person, one word, and one act at a time. For our employees, these three pillars are a touchstone for inspiration, guidance, and encouragement.
Amicus is an Equal Opportunity Employer and will judge all applicants based on their qualifications for the job, without regard to race, color, sex, religion, national origin, age, disability, sexual orientation, gender identity, protected veteran, disability status or any other characteristics protected by applicable federal, state or local law.