11 Apr
IT Security Specialist
Vacancy expired!
- Develops, implements, and maintains The clientwide security standards, guidelines, policies, and procedures based on best practices and compliance requirements; recommends security enhancements;
- Ensures ongoing security compliance and prevents the unauthorized use, release, modification, or destruction of data;
- Oversees the development of risk programs to achieve required risk tolerance levels; assists departments to establish appropriate risk levels;
- Designs secure business processes in conjunction with The client departments, based upon defined risk tolerance levels;
- Works with the security engineers to schedule testing of systems (scans, system test and evaluation) and examines active monitoring to ensure controls are in place and are effective;
- Evaluates security incidents, develops solutions, and communicates results to technical staff and management;
- Collaborates with the department IT managers outside of the Technology Services and Solutions to ensure information security and privacy risks are identified, documented and addressed in a timely manner; tracks corrective action plans;
- Provides consulting, training, and security awareness services to other departments to effectively interact with The client Information Security and leverage centralized control capabilities within their operating environment;
- Conducts information security risk assessments within the Technology Services and Solutions and on an enterprise-wide basis;
- Conducts periodic departmental security audits; identifies noncompliance and recommends corrective actions to comply with Federal regulations and The client policy;
- Advises management of risks and best security practices; prepares status reports for managers regarding compliance issues and provides regulatory updates;
- Enforces information security standards, guidelines, policies, and procedures;
- Leads key cross-functional efforts to assess and improve the control environment or ensure regulatory compliance;
- Leads key cross-functional efforts to assess and improve the control environment or ensure regulatory compliance;
- Assesses the impact of external actions on computer systems and networks and determines whether the The client has been subjected to a system failure, a computer related crime, or potentially hostile information warfare;
- Conducts security research to stay abreast of security issues and industry trends;
- Sufficient education, training, and experience to demonstrate the ability to perform the above tasks and the attainment of the knowledge and abilities listed below.
- Five (5) years of increasingly responsible experience in the information security technology field. Experience with project management; direct audit activities; information assurance; risk management; or in a compliance environment, with emphasis in IT or Healthcare, is desirable
- Certification in audit and/or risk management such as Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), and/or Certified Information Systems Security Professional (CISSP) preferred.
Vacancy expired!