Company:

Qualcomm Semiconductor Limited:

Job Area:

Information Technology Group, Information Technology Group > IT Security

General Summary:

The Information Security & Risk Management organization is looking for a strong team player with industry experience in cyber security risk management, assessments, and audit compliance. The role will play a key part in the supply chain security assurance through onsite and remote assessments as well as performing internal security reviews.

The ideal candidate:

• Will have in-depth experience in an audit function, including standardized audit methodologies such as those associated with SOX, ISO 27001, or as dictated by the Certified Information Systems Auditor (CISA) methodologies

• Background and experience with performing general security assessments and reviews

• Will have a professional demeanor and have experience presenting to executive leadership, customers, and partners

• Will have a demonstrable track record for leveraging standard risk assessment frameworks and standardized methodologies for assessing third parties who are critical to the company product supply chain

• Exceptional communications skills desired

• Will have a track record of flexibility and versatility to adapt to the ever-changing threat environment and business drivers that influence the projects and priorities of ISRM

• Can manage complex programs or projects on a global scale with little to no direction.

• Drive propagation of security improvements through engineering and enterprise environments, including hands-on technical work as needed.

Skills/Experience

• Experience in performing security audits against key suppliers and third parties

• Performed risk assessments and security architecture reviews

• Help drive security actions to closure on key projects and programs

• Excellent cross functional relationship building skills

• 5+ years of hands on information security experience in a large-sized enterprise IT environment with thorough understanding of risk assessment and audit standards such as ISO 27001, COBIT, and NIST Cybersecurity Framework

• Support other information security and risk management activities, goals and objectives as requested.

• Other preferred skills include:

• Analytical Skills

• The ability to collect information and identify fundamental patterns/trends in simple to moderately complex data. This includes the ability to gather, integrate, and interpret information from several sources.

• Documentation

• The ability to document solutions to basic IT issues by using standard policies and procedures.

• IT Knowledge

• Understanding of IT-related content knowledge to carry out work tasks.

• IT Security

• Knowledge of IT security policies and how to apply them when working with end-users. This includes the ability to adhere to policies even when faced with end-user challenges.

• Security Monitoring

• The ability to understand how to interpret basic data from logs in networks/systems/applications in order to monitor and maintain performance, and identify security issues.

Responsibilities

• Maintains security by monitoring and ensuring compliance to security and contractual obligations of suppliers

• Enhancing the supply chain security program through alignment with risk management frameworks

• Prepares system security reports by collecting, analyzing, and summarizing risk trends

• Must be familiar with gathering system requirements, performing independent analysis and taking actions to execute on a plan.

Educational Requirements

Required: Bachelor's, Computer Engineering and/or Computer Science and/or Electrical Engineering and/or Information Technology

Desired Certifications: CISSP, CISM, CISA, CRISC

Minimum Qualifications:

• 3+ years of IT-relevant work experience with a Bachelor's degree. OR
  5+ years of IT-relevant work experience without a Bachelor’s degree.

Physical Requirements:

• Frequently transports and installs equipment up to 40 lbs.

Keywords

Cyber Security, Supply Chain Security, Third Party Risk Management, Information Security, Compliance, Audit

Applicants: Qualcomm is an equal opportunity employer. If you are an individual with a disability and need an accommodation during the application/hiring process, rest assured that Qualcomm is committed to providing an accessible process. You may e-mail disability-accomodations@qualcomm.com or call Qualcomm's toll-free number found here. Upon request, Qualcomm will provide reasonable accommodations to support individuals with disabilities to be able participate in the hiring process. Qualcomm is also committed to making our workplace accessible for individuals with disabilities. (Keep in mind that this email address is used to provide reasonable accommodations for individuals with disabilities. We will not respond here to requests for updates on applications or resume inquiries).

Qualcomm expects its employees to abide by all applicable policies and procedures, including but not limited to security and other requirements regarding protection of Company confidential information and other confidential and/or proprietary information, to the extent those requirements are permissible under applicable law.

To all Staffing and Recruiting Agencies: Our Careers Site is only for individuals seeking a job at Qualcomm. Staffing and recruiting agencies and individuals being represented by an agency are not authorized to use this site or to submit profiles, applications or resumes, and any such submissions will be considered unsolicited. Qualcomm does not accept unsolicited resumes or applications from agencies. Please do not forward resumes to our jobs alias, Qualcomm employees or any other company location. Qualcomm is not responsible for any fees related to unsolicited resumes/applications.

If you would like more information about this role, please contact Qualcomm Careers.