Information Assurance Engineer - Governance, Risk & Compliance

Job Expired

Location: Omaha, NE

Reference Number: 092199

Closing Date: 03/31/2022 at 11:59 PM Central Time

Job Open To: Internal and External Candidates

Description

Are you looking for a Tech position where you can really make a difference for the Company? Here is your opportunity to ensure we do it right! This position is your chance to provide solutions to business stakeholders through consultation and expertise in cyber security best practices, standard IT control frameworks, and Company policies. This position ensures that the Company’s technology initiatives comply with all relevant and applicable information security and privacy standards, federal and state regulations, and industry best practices. As a member of the Information Assurance team, you will have the opportunity to grow your Cyber Security knowledge while using your current skills to improve the overall Cyber Security posture of Union Pacific. Team members perform red team testing; vulnerability assessments; forensics; administer a breadth of industry-leading security products; provide authentication and authorization services; collaborate with team members to identify, analyze and mitigate cyber threats; and consult with other IT and business teams to provide secure technology solutions for the Company. The mission of the Information Assurance group is to ensure the confidentiality, integrity, and availability of Union Pacific’s computing resources, as well as, providing a reliable and scalable security infrastructure. Team members are given the autonomy to explore new and creative solutions to securing the information technology landscape of Union Pacific.

Accountabilities

Align and maintain the Company’s cyber security policies and standards to industry compliance frameworks, such as CIS and NIST CSF
Conduct cyber security gap analysis assessments against industry standards, applicable regulations, and best practices
Work collaboratively with Business and Tech teams to assess functional and security requirements for 3rd party service solution providers
Manage multiple deliverables and timelines across teams to ensure quality, on-time product deliveries
Consult with other IT teams on secure implementation procedures for the Company’s computing environments
Lead and execute compliance audits and remediation projects within established control areas
Implement technologies and automation processes to enhance the Company’s security posture based on threats, attack vectors, and vulnerabilities
Assist in assessing, measuring, evaluating, and improving the Company’s readiness to deal with cyber security and compliance risks
Identify and evaluate: 1) business and technology risks, 2) internal controls which mitigate risks, and 3) methods and technologies to improve the internal control environment

Qualifications

Required

A Bachelor’s degree or Master’s Degree in Cyber Security, Information Assurance, Computer Science, Management Information Systems, or related field. A minimum of 6 years of recent CIS or NIST Framework Consulting experience may be taken into account in lieu of a degree
Experience implementing or assessing cyber security programs against the CIS or NIST CSF framework
Excellent written and dynamic verbal communication skills
Demonstrated understanding of industry standards (NIST 800-53, ISO 27002), control objectives, cyber threats and vulnerabilities
Strong analytical and technical skills
Demonstrated ability to work under minimal supervision
High degree of self-motivation, commitment and integrity
The ability to work well with others and as a member of a team
Flexible and able to handle stressful situations in a professional manner

Preferred

Recent experience in Windows or Linux system or security administration
Recent experience in evaluating or completing a SOC 2 Type 2 certification for an enterprise
2+ years recent experience with one or more scripting languages: perl, python, PowerShell
Prior compliance and operational experience in information security
Demonstrated experience in creating or conducting security awareness training for a large enterprise
Prior experience in data classification and sensitive information handling procedures
Prior experience creating scripts to analyze data and automate processes

Physical Requirements

While performing the responsibilities of the job, the employee will spend extended hours in front of a computer screen

Background

On a post-offer basis, Union Pacific and or its subsidiaries will conduct an investigation into newly hired or transferred employees regarding their past employment, state and federal criminal history, military history, driving history, education, professional license or certification verification if job-related, Social Security number, prior drug history, and other job-related information. Individuals must pass a background investigation for employment. Please click here to review Union Pacific’s policy regarding background investigations.

Medical

Employment with Union Pacific is contingent upon the successful completion of a health examination for newly hired or transferred employees which may include a drug screen, a color vision exam, and a fitness-for-duty assessment to ensure that candidates can safely perform the essential functions of the job, with or without reasonable accommodation. In addition, the company conducts for-cause, post-accident, and random drug and alcohol testing of its employees.

COVID-19: Union Pacific will comply with all federal executive orders requiring employees to be fully vaccinated or request a medical or religious accommodations. The vaccine requirement is currently suspended pending legal action. Union Pacific will update applicants and employees with any further information.

Equal Employment Opportunity and Reasonable Accommodation: Union Pacific supports diversity in the workplace and is an equal opportunity employer here. Union Pacific is committed to creating a diverse and inclusive workforce where equal employment opportunities are available without regard to race, color, sex, national origin, age, disability, religion, military and veteran status, sexual orientation, gender identity, gender expression, pregnancy, or genetic information. Union Pacific strictly prohibits any discrimination or harassment based on protected status. Union Pacific is committed to providing access and reasonable accommodation in its employment of individuals with disabilities. To request a disability accommodation in the application process, please use this link here to submit a request.