Vakante Jobangebote finden Sie unter Projekte.
Information Security Specialist
Eingestellt von Compucom
Gesuchte Skills: Support, Design
Projektbeschreibung
POSITION DETAILS
Compliance and Risk
- Lead activities associated with internal and external audits to define proper scope, identify the relevant/required Control Objectives/Activities, develop test plan and perform internal testing of controls.
- Lead, coordinate and/or drive remediation activities in order to reduce to an acceptable level any risk that may be identified during an audit.
- Participate in the review of information security Waiver Requests, working with the requestor to find alternative solutions that could minimize the risk to CompuCom while meeting the needs of the business.
Incident Response
- Lead and/or participate in incident response activities as directed and as outlined in CompuCom's Security Incident Response Procedure.
- Review and update the corporate incident response documentation, process and procedures in support of continuous improvement.
Security Vulnerability Management
- Monitor for vulnerabilities relevant to the CompuCom IT Environment.
- Participate in the Security Vulnerability Management process, offering advice and recommendations in order to ensure risk from vulnerabilities is minimized.
- Coordinate and schedule scans of CompuCom's internal address space for vulnerabilities using approved tools.
- Generate and publish reports of vulnerabilities; using these reports, assess level of compliance with the Security Vulnerability Management process.
Subject Matter Expert
- Keep abreast of security, compliance and privacy standards and regulations, alerts, and vulnerabilities that are relevant to CompuCom.
- Develop proposals on how new and existing standards and technologies could be used to reduce risk to CompuCom and/or improve the competitive position of CompuCom.
- Communicate Information Security knowledge to internal as well as external parties.
- Develop, publish, and update information security policies, processes and procedures that support compliance with industry standards and regulations relevant to CompuCom and that otherwise reflect information security best practices.
- Develop innovative ways to communicate Information Security standards to end users and business leaders.
- Participate in the Change Management process and weekly meetings.
- Active participation in Project Management, as participant or Project Manager, for any project that may require such a formal approach.
REQUIRED
- CISA CERTIFICATION
- EXCELLENT UNDERSTANDING OF INFORMATION SECURITY TECHNOLOGIES
- Excellent understanding of Information Security controls as well as experience achieving compliance using and/or with standards and regulations such as SSAE16, AT101/TSP100, ISO27001, PCI-DSS, SOx and HIPAA
- 10 years of proven experience with Information Security in medium to large organizations
- 10 years of proven experience with leading and performing audits of IT and Business Process Controls using SAS70, SSAE16, SysTrust or WebTrust.
- Bachelor's Degree in Information Systems or the equivalent in the form of proven experience
- Proven ability to develop, create and implement processes that may be complex and/or cross team and organizational boundaries.
- Excellent organization skills
- Ability to prioritize workload in order to meet commitments
- Strong communications skills, both verbal and written, as well as the ability to communicate well with people in a variety of positions, roles and levels
PREFERRED
- CISSP Certification
- GIAC Certification
- Good understanding of FISMA, ITAR and BITS/Shared Assessments
- Experience performing forensic investigations
- Ability to create and maintain effective documentation, including policies, processes and procedures
Projektdetails
-
Einsatzort:
Texas, Vereinigte Staaten
-
Projektbeginn:
asap
-
Projektdauer:
Keine Angabe
- Vertragsart:
-
Berufserfahrung:
Keine Angabe
Geforderte Qualifikationen
-
Kategorie:
Medien/Design, Sonstiges