Why Join Fortress
Fortress is the AI-powered cybersecurity company, defending critical infrastructure, government agencies, and their supply chains against cyber threats and mission risks.
The Fortress Approach: Comprehensive. Collaborative. Conclusive.
Our Core Commitments
- Relentless Execution
- Unwavering Positivity
- Commitment to Quality
- Strategic Stewardship
- Unified Collaboration
This is Fortress. Built to protect what’s Absolutely Critical.
Fortress. Absolutely Critical.
What you can expect as a Security Risk Assessor at Fortress:
The Security Risk Assessor role is an individual contributor role responsible for the timely and effective review of security assessments in accordance with service level agreements and quality standards, as well as training and overseeing the work product of less experienced staff.
Responsibilities Include:
- Consistently deliver on assigned workload, commitments, deadlines, and objectives while following established service level agreements in scope and leveraging appropriate tools, methods, frameworks, and professional standards.
- Continuously demonstrate the ability to work independently while representing the department's services with the highest level of professionalism.
- Collaborate with internal partners and third parties to enhance, mitigate, and resolve third party risks.
- Represent Fortress as a key first point of contact to our clients and their third parties.
- Execute the Validated Controls Assessment (VCA) workflow for your assigned clients.
- Perform issue remediation reviews to include identification of findings, coordinating plans and dates with the vendors, and reviewing. evidence submitted to recommend closure of findings.
- Support Managers and Account Leaders with account management activities as needed.
- Other duties as assigned.
Minimum Qualifications
- MUST HAVE at least 2 years of proven working experience in cybersecurity control reviews, operational risk management, information security, crisis management, security standards/ assessments, or risk management.
- Experience in a customer/client-facing environment.
- Solid understanding of risk management concepts, particularly around information security, IT general controls, and basic audit terminology and concepts.
- Experience working in highly regulated industries, such as financial services, energy, and/or healthcare.
- Demonstrated professional communication and client relationship skills.
- Attention to detail, sound judgement, logical thinking, and proven ability to follow established scripts/consistency models, drive tasks to completion, meet deadlines in a fast-paced environment, and adapt to changing business environment with periodic supervision.
- Strong computer skills, including MS Office Suite and other business software.
- Understanding of information security frameworks (e.g., NIST 800-53, NIST CSF, ISO 27001).
- Ambition, drive, sharp vision and a great attitude.
Preferred Experience
- Big 4 experience.
- Record of accomplishment of success/top performer.
- Experience working in highly regulated industries such as financial services (PCI, GLBA), energy (NERC CIP), and/or healthcare (HIPPA) is a plus.
- Proven experience effectively prioritizing schedule and flexing workload to meet tight deadlines and challenging work objectives.
Education
- Bachelor’s degree preferred
- Associate degree
Preferred Licensing/Certifications
- Certification in security or risk management (CTPRP, CRISC, CISA, CISSP, Security+).
Employee Benefits
- Remote and Hybrid working environment
- Competitive pay structure
- Medical, dental, vision plans with employees covered up to 90% with highly progressive options for dependents and families
- Company paid life, short- and long-term disability insurance
- Employee Assistance Program
- 401(k) match
- Flexible Paid Time Off
- Parental Leave
- Access to thousands of Learning & Development courses that range from mental health and wellbeing, stress, and time management to an array of technical and business-related courses
Employment Perks
- We provide each employee with professional growth opportunities through succession planning, up-skilling, and certifications
- Tuition and certification reimbursement
- Employee Referral Programs
- Company Sponsored Events
Fortress is proud to be an Equal Opportunity Employer. All employees and applicants will receive consideration for employment without regard to age, color, disability, gender, national origin, race, religion, sexual orientation, gender identity, protected veteran status, or any other classification protected by federal, state, or local law. Fortress Information Security takes part in the E-Verify process for all new hires.
For positions located in the US, the following conditions apply. If you are made a conditional offer of employment, you will have to undergo a drug test. ADA Disclaimer: In developing this job description care was taken to include all competencies needed to successfully perform in this position. However, for Americans with Disabilities Act (ADA) purposes, the essential functions of the job may or may not have been described for purposes of ADA reasonable accommodation. All reasonable accommodation requests will be reviewed and evaluated on a case-by-case basis.