IT Security & Compliance Manager
Vacancy expired!
US Cloud - IT Security & Compliance Manager
About US Cloud:US Cloud is one of the fastest growing privately held companies in America. We are the #1 third-party replacement for Microsoft Support globally and are identified by 5000 List as a company with a proven track record of success in the industry. The demand for our unique tech services offering has erupted. We have triple in growth over the last 12 months and are on target to do it again this year. Our clients like L.L. Bean, Barracuda Networks, Garmin, Verifone, Quest Diagnostics, Siemens Thermo Fischer, AmeriGas, and the US State Department depend on US Cloud to keep their critical Microsoft infrastructure running. In other words, when their Help Desk needs help, we’re the ones answering the red phone. Position Summary:The IT Security & Compliance Manager will lead in enhancing and improving the organization's cyber security and compliance practices. This role is responsible for coordinating and managing security policy, compliance assessments and their activities, developing remediation strategies, and assessing mitigated controls. Responsibilities include:
- Implementing and constantly improving security policies and practices
- Instrumental in selecting and implementing technology to help the organization continually evolve from a security perspective
- Lead initiatives around annual certification/audit objectives for such areas as ISO27001, NIST, or other standards
- Respond to cyber questionnaires and customer requests regarding security
- Work with external auditors to support compliance efforts
- Perform multi-platform (cloud, application, database, and business processes) level audits based on predefined test objectives
- Perform retest of controls that have been remediated or updated due to previously identified deficiencies
- Obtain, review, and refine organizational IT policies, standards, and procedures to identify control points that would assist in mitigating risk to the business
- Conduct audits with internal and external auditors and make recommendations as needed to improve compliance and the security culture
- Review test results or interpret evidence to address vulnerabilities, gaps, or control deficiencies; work with stakeholders to establish plans for sustainable resolution
- Be fully accountable for the management, maintenance and configuration of endpoint security protection, intrusion prevention/detection systems, vulnerability management systems, data loss prevention, and others
- Perform other tasks as necessary to ensure that compliance meets its commitments to stakeholders
- 5+ years of experience in IT, Information Security, Cyber Risk Management, Compliance, or a related field.
- 3+ years’ experience in Information Security
- Advanced knowledge of cyber/information security management policies and procedures, and governance processes, information systems and network security
- Advanced knowledge of risk management techniques, technological trends and developments in cyber/information security, systems/software development, engineering, integration, testing and evaluation and operating systems
- Advanced working knowledge of applicable and accepted security standards and framework (ISO, NIST, CSF, etc.)
- Knowledge of the Microsoft 365 and Azure ecosystem
- CISSP Certification strongly preferred.
- Other desired certifications: CISA, HCISPP, CCSP, CRISC, CISM, CGIH, GCFA, GNFA, GPEN, GSEC, QSA and CEH.
- Bachelor's Degree in Computer Science or related field of study or equivalent work experience obtained through a combination of education, on the job training and certifications.
- Flextime
- Dog friendly office
- Cell phone stipend
- Paid gym membership
- Free Starbucks, soft drinks, and snacks
- Fun company events
Vacancy expired!