Information Systems Compliance Manager
We have an excellent opportunity for an Information Systems Compliance Manager in the Southern NJ area.
This job maintains the enterprise policies, programs, and procedures to ensure information systems regulatory compliance.
The position assists the IT organization in providing an efficient, effective, secure IT environment in alignment with the risk.
The position is also accountable for the management of appropriate security solutions and oversight of any vulnerability audits or assessments and subsequent remediation plans.
Secondary tasks include advising on the development, maintenance, publishing, and enforcement of enterprise IT security standards and guidelines encompassing data, physical and intellectual security.
The Manager of Information Security job responsibilities include:
o Identifies compliance concerns with regulatory requirements defined for the security of information, personal data and intellectual property.
Advises on risks and best security practices.
o Determines the appropriate security response to incidents.
Intervenes whenever conditions exist that pose a threat to the security of the company.
Provides management with updates or details regarding threats or serious incidents.
o Manages the annual PCI audit, filing and development of the Report on Compliance o Leads the evaluation and analysis of security applications and systems and makes recommendations to management.
o Monitors security alerts published on the internet (i.
e.
US-CERT, FS-ISAC) and advises whether reported threats could impact the company's information or systems.
o Monitors security systems for possible intrusion.
o Reviews audit reports on user and system activities.
o Works with external vendors to evaluate security measures to reduce and mitigate risk.
o Assist in performing security architecture implementation and reviews.
o Perform periodic risk assessments, report on vulnerabilities and propose remediation action.
o Assists with the annual internal/external audits and any remediation required o Updates the IT Information Security Training course as required to keep it relevant o Report all violations of the IT security program and security policies.
o Communicates unresolved security exposures, misuse, or non-compliance situations to management Desired Skills and ExperienceEducation/Certification:
o Bachelor's degree in computer science, systems analysis, information technology or a related study, or equivalent experience Experience Required:
o 5-10 years IT experience with a minimum of 3 years security/infrastructure protection and information security audit experience.
o At least 2 years security & audit experience required.
o Technical proficiency in security-related hardware and software; ability to function as a consultant to other IT groups on security matters as a recognized technical expert and to lead teams o Knowledge of security controls for midrange, PCs, laptops, tablets o Understanding of various operating environments, e.
g.
Unix, Windows, Linux, Ciscoo Proven professional experience evaluating IT infrastructure and applications, including network devices, firewalls, VPNs, desktop and server configuration, database security, relevant physical security, and other security devices and applicationso Ability to maintain an up-to-date knowledge of the IT security industryo Understanding of relationships between threats, vulnerabilities, asset values and their effect on overall business risk o Hands-on experience performing traffic analysis, intrusion analysis and detection o Experience in cyber incident response o Experience in developing security policies and standards o Expert knowledge with the PCI-DSS and familiarity with Sarbanes-Oxley complianceo One or more professional certifications desired:
o Certified Information Security Manager (CISM)o Certified Information Systems Auditor (CISA)o Certified Information Systems Security Professional (CISSP)o Certified in Risk and Information Systems Control (CRISC)o SANS-GIAC Security Leadership (GSLC) Our client is actively seeking qualified candidates to fill this Information Systems Compliance Manager job.
They are on a timeline and are reviewing resumes as they become available.
If qualified and interested in this position, please apply today! All resumes are being reviewed upon application.
Apply below! And, thanks for partnering up with MODIS!.
Estimated Salary: $20 to $28 per hour based on qualifications.
This job maintains the enterprise policies, programs, and procedures to ensure information systems regulatory compliance.
The position assists the IT organization in providing an efficient, effective, secure IT environment in alignment with the risk.
The position is also accountable for the management of appropriate security solutions and oversight of any vulnerability audits or assessments and subsequent remediation plans.
Secondary tasks include advising on the development, maintenance, publishing, and enforcement of enterprise IT security standards and guidelines encompassing data, physical and intellectual security.
The Manager of Information Security job responsibilities include:
o Identifies compliance concerns with regulatory requirements defined for the security of information, personal data and intellectual property.
Advises on risks and best security practices.
o Determines the appropriate security response to incidents.
Intervenes whenever conditions exist that pose a threat to the security of the company.
Provides management with updates or details regarding threats or serious incidents.
o Manages the annual PCI audit, filing and development of the Report on Compliance o Leads the evaluation and analysis of security applications and systems and makes recommendations to management.
o Monitors security alerts published on the internet (i.
e.
US-CERT, FS-ISAC) and advises whether reported threats could impact the company's information or systems.
o Monitors security systems for possible intrusion.
o Reviews audit reports on user and system activities.
o Works with external vendors to evaluate security measures to reduce and mitigate risk.
o Assist in performing security architecture implementation and reviews.
o Perform periodic risk assessments, report on vulnerabilities and propose remediation action.
o Assists with the annual internal/external audits and any remediation required o Updates the IT Information Security Training course as required to keep it relevant o Report all violations of the IT security program and security policies.
o Communicates unresolved security exposures, misuse, or non-compliance situations to management Desired Skills and ExperienceEducation/Certification:
o Bachelor's degree in computer science, systems analysis, information technology or a related study, or equivalent experience Experience Required:
o 5-10 years IT experience with a minimum of 3 years security/infrastructure protection and information security audit experience.
o At least 2 years security & audit experience required.
o Technical proficiency in security-related hardware and software; ability to function as a consultant to other IT groups on security matters as a recognized technical expert and to lead teams o Knowledge of security controls for midrange, PCs, laptops, tablets o Understanding of various operating environments, e.
g.
Unix, Windows, Linux, Ciscoo Proven professional experience evaluating IT infrastructure and applications, including network devices, firewalls, VPNs, desktop and server configuration, database security, relevant physical security, and other security devices and applicationso Ability to maintain an up-to-date knowledge of the IT security industryo Understanding of relationships between threats, vulnerabilities, asset values and their effect on overall business risk o Hands-on experience performing traffic analysis, intrusion analysis and detection o Experience in cyber incident response o Experience in developing security policies and standards o Expert knowledge with the PCI-DSS and familiarity with Sarbanes-Oxley complianceo One or more professional certifications desired:
o Certified Information Security Manager (CISM)o Certified Information Systems Auditor (CISA)o Certified Information Systems Security Professional (CISSP)o Certified in Risk and Information Systems Control (CRISC)o SANS-GIAC Security Leadership (GSLC) Our client is actively seeking qualified candidates to fill this Information Systems Compliance Manager job.
They are on a timeline and are reviewing resumes as they become available.
If qualified and interested in this position, please apply today! All resumes are being reviewed upon application.
Apply below! And, thanks for partnering up with MODIS!.
Estimated Salary: $20 to $28 per hour based on qualifications.
|
|
 | |
