Senior Security Specialist-Risk Management

Full Time
Arlington, VA
Areas of Interest: Information Assurance (IA) Compliance, Systems Security Analysis
report a problem
Overview

Security is a foundational aspect of our culture at BlackBerry. Our Cyber Security Operations team provides a number of foundational components to our overall security program. We have responsibility for security incident monitoring and response, hunting for threats and the technical implementation and support of security tooling and applications. We continue to work to safeguard BlackBerry, its systems and data from attack.

The Security Risk role will be responsible for developing and managing a process of coordinating a thorough risk analysis of security findings with the business units and internal security teams within global Blackberry enterprise as relates to FedRAMP compliance. The Senior Security Specialist will be responsible for reviewing multiple available sources of information regarding vulnerabilities to systems utilized within our organization, performing initial vulnerability analysis, and engaging appropriate internal experts in providing the in-depth assessment of the impact, temporary solutions and final remediating plan.. The candidate will also be responsible for using and administrating vulnerability management and assessment tools. You will also be involved in providing information security services that meet business and information protection needs, and ensuring that information assets and environments are adequately protected. This role involves a strong technical and analytical background, as you will need to be able to discover, assess, and convey the potential impact and risk of security vulnerabilities applicable to the environment.

RESPONSBILITIES

  • Analyze, assess and recommend security controls for FedRAMP compliance
  • Perform security project management and oversight of Scrum teams for implementing security controls
  • Work with auditors, applications, infrastructure and other teams to achieve and maintain FedRAMP compliance
  • Work in a consultative manner with internal teams and provide guidance on vulnerability mitigation and other security investigations
  • Determine security risk by gathering and correlating data from various security vulnerability sources, feeds and knowledge of both the environment and threat vectors
  • Drive secure software development lifecycle (sSDLC) and security best practices
  • Monitor threat and vulnerability sources and feeds relevant to our technology
  • Regular track and reporting trending of vulnerability and risk to upper management and business organizations
  • Maintain and adjust vulnerability management policies, procedures and standards as the threat or technology landscape changes
  • Be a subject matter expert on security controls that mitigate risks to the organization 

ESSENTIAL SKILLS AND QUALIFICATIONS

  • Minimum 5-7 years of Information Security or related experience
  • Degree in Computer Science or related discipline
  • Detailed knowledge of vulnerabilities, how they affect applications and systems
  • Knowledge and understanding of vulnerabilities relating to web application technologies, platforms and languages.
  • Experience with private/hybrid clouds and very large enterprise environments.
  • Exceptional skills in written and oral communication, including the ability to compose concise and accurate assessment and audit reports and an ability to convey complex concepts to business leaders
  • Strong organization, analytic and problem solving skills, with attention to detail and reproducibility
  • Ability to work independently with limited direction, and as a member of a team
  • Must be legally authorized to work in the United States
  • Working technical knowledge of security for cloud/web applications
  • Ability to work effectively with internal teams and multiple organizations and vendors
  • FedRAMP experience considered a strong plus
  • Ability to work both independently with limited direction at most times, as well as working with others in a team environment


We are BlackBerry, a global mobile communications leader who revolutionized the industry with its introduction in 1999. Today, BlackBerry’s products and services, from messaging to enterprise mobility, are relied on by millions of individuals every day to securely and efficiently connect them to the content and people that matter most. At BlackBerry our instinct for innovation is relentless, so as we continue to push the boundaries of mobile experiences, we continue to drive the talent, passion and creativity of our employees.

©2017 BlackBerry. All right reserved. BlackBerry® and related trademarks, names, and logos are the property of BlackBerry Limited and are registered and/or used in the U.S. and countries around the world.

It is the policy of BlackBerry to ensure equal employment opportunity without discrimination or harassment on the basis of race, color, creed, religion, national origin, alienage or citizenship, status, age, sex, sexual orientation, gender identity or expression, marital or domestic/civil partnership status, disability, veteran status, genetic information, or any other basis protected by law.

EEO Minorities/Females/P​rotected​ Veteran/Disabled



Share this job:

BlackBerry

BlackBerry secures, connects and mobilizes the enterprise. To manage today’s enterprise of things, BlackBerry provides a software platform that enables and manages security, mobility and communications between and among hardware devices, programs, mobile apps and the internet of things. Founded in 1984 and based in Waterloo, Ontario, BlackBerry operates in North America, Europe, Middle East and Africa, Asia Pacific and Latin America. The Company trades under the ticker symbols “BB” on the Toronto Stock Exchange and “BBRY” on the NASDAQ. For more information, visit www.BlackBerry.com.

Specialties
Software, CyberSecurity Services, Enterprise Mobility Management, Enterprise File Sync and Share (EFSS), and Internet of Things (IoT)
Visit BlackBerry's Social Media pages:
Company Industry: Computer Software
Company Type: Public Company
Company Size: 5,001-10,000