Senior Risk Specialist, Cybersecurity

at Wal-Mart Associates, Inc. in Bentonville, Arkansas, United States

Job Description

Duties: Monitors, analyzes, and remediates IT security risks and vulnerabilities by adhering to defined operating procedures; reviewing metrics to identify outliers, inefficiencies, and non-standard actions associated with operational processes and reporting the findings; identifying improvement opportunities and providing feedback to senior team members and management; and participating in meetings for any initiatives or tasks that will alter current processes. Analyzes and identifies risk by understanding factors of influence to impact and likelihood; building working knowledge and relationship between risk and governance; building expertise in risk analysis in multiple layers of security specialty (for example, Physical, Governance, Technical, etc.); and tracking the remediation of known vulnerabilities. Manages the execution of security initiatives by prioritizing critical issues for root-cause analysis; ensuring resolution of critical issues; monitoring progress versus plan; escalating complex or difficult issues; utilizing scope-change orders to track changes to the project; tracking expenditures and budgets; providing informational presentations; managing stakeholder expectations; holding self and project team accountable for project delivery; and developing performance reports. Leads business customers through delivery processes in completing paperwork (for example, budgets, staffing plans, change management plans, document of understanding, scope statements, and other required artifacts) by meeting with business units to develop delivery plans; creating communication plans for leadership, delivery team, and stakeholders; working with the business unit and delivery team to determine approved delivery parameters; managing the approval process for changes to delivery and/or scope; prioritizing competing demands, organizational changes, and new responsibilities; and collaborating with stakeholders to assess costs and establish the return on investment (ROI). Provides and supports the implementation of security governance by assisting in the process of governance administration and maintenance; ensuring familiarity with Walmart Information Security policies, standards, procedures and best practices; modeling various governance concepts (for example, ITIL, COBIT, Six Sigma, CMM); identifying gaps in security governance and policies; and comparing and contrasting Walmart practices and industry standards. Coordinates compliance efforts in one area of regulatory specialty by monitoring the implementation of specific information security controls; ensuring familiarity with regulatory concepts (for example, ISO, SOX, PCI, HIPAA); developing an understanding of multiple areas of compliance; and assisting in compliance assessments and remediation processes.


Minimum education and experience required: Master’s degree or the equivalent in Computer Science, Information Technology, Engineering, or related field; OR Bachelor's degree or the equivalent in Computer Science, Information Technology, Engineering or related field plus 2 years of experience in information technology or related experience; OR 5 years of experience in information technology or related experience.


Skills Required: Must have experience in: Designing and implementation of Cloud and Hybrid based architectures; Azure IaaS and PaaS based services; Designing and implementing of enterprise architectures using Cloud services (Azure Compute, Networking (Hub and Spoke, Mesh Model), Storage/data, Monitoring, Security, Identity and Governance); Azure resources (Azure SQL, Cosmos, Data Bricks, Data Factory, NSG/ASG, Azure Firewalls, Network Watchers, Routing Tables, Private Link/Endpoints, Azure VM's, Storage accounts (Blob and File), Azure Gateways, Express Routes, IPSec VPN Tunnels, Peerings (Local/Global), NAT Gateways, Peerings, Key Vaults, Load Balancers Layer 4 and 7, Azure Web/Function apps, Container services, Azure DNS (Private/Public), Azure Automation and Azure DSC, ASR, Backup, Azure Security Center, Azure Monitor, Azure AD,RBAC, Azure Policies, Monitoring (Log Analytics and App Insights); Microsoft Azure Cloud Certified; Implementing cloud security policies using industry standards (NIST, ISO 27001, PCI, HIPAA); Infrastructure as a Code (IaaC) deployments using Terraform and Azure Resource Manager (ARM) templates; Building automation using scripting languages (PowerShell, Azure CLI, Python and Bash Shell); C#.Net and Node.JS applications; Dealing with customers, internal and external partners, collaborate effectively to solve the problems; Cloud security disciplines (application security, encryption, key management, authentication/authorization and security policies); Hardening cloud security using security controls and policies around network, data and access controls; Providing technical expertise throughout product life cycle, including design, implementation and delivery of scalable infrastructural services; Ports, protocols and services used in an Enterprise; Infrastructural services (Servers, Firewalls, IPS/IDS, Backup, High Availability and Disaster recovery); Container based applications using Service Fabric and AKS orchestrators; Classes of security weakness/vulnerabilities and the mitigation controls; Monitoring and analyzing audit and security logs for the on-premises and Azure platform Solutions; Implementation of  SAML, OAuth, LDAP and Kerberos Authentication mechanisms; Azure Identity, Multi Factor Authentication, Identity protection and Conditional policies. Employer will accept any amount of experience with the required skills.

To apply for this position:  Send your resume to and reference the following Job ID number: R-802786

Copy Link

Job Posting: 3101235

Posted On: Oct 22, 2021

Updated On: Nov 22, 2021