[Remote] Consultant, IT Security - United States
Posted: 07/29/2021
Job Description
ACCOUNTABILITIES
- Creates and implements information security strategies and documents.
- Collaborates with engineering teams to define and improve information security and system management policies and settings.
- Monitors and evaluates vendor and third-party information security reports and lists
- Assesses new products and technologies and gives suggestions to leadership regarding the introduction of new technologies
- Evaluates, prioritizes, and recommends information security improvements related to the achievement of customer’s business goals and objectives
- Coordinates, manages, and controls the use of access control systems security tools and intrusion detection systems to identify anomalous events and security infractions that exploit system vulnerabilities
- Integrates information security controls into an environment to identify risks and reduce their effects
- Identifies potential threats to information security and suggests solutions to mitigate them
- Builds and maintains information security documentation
- Communicates information security procedures to users
- Considers and suggests changes to information security policies
- Designs, develops or suggests security systems solutions for the protection of proprietary/confidential data and systems
- Joins the customer in the strategic design process to transfer security and business requirements into processes and systems
Requirements
** Candidates must be W2
** US Citizens Only, due to public sector service management requirements. - must be notated on resume or in supplier notes. If not notated will be declined.
- Have more than 5 years’ experience of verifiable industry accomplishments
- Strong technical skills around controls, process, accounting, IT & Cloud computing.
- Practical understanding of the latest cybersecurity threats & techniques used by global threat actors.
- Strong IT & finance acumen.
- Working knowledge of the International Standards for the Professional Practice of Internal Auditing & IT Audit Standards.
- Having strong knowledge in the operation of network device databases & identity management systems.
- Practical understanding of the relation between the key financial systems & their impact on the financial reports
- Excellent knowledge of ISO 27001, PCI DSS, SSAE 18 SOC 1 and SOC 2, the Cloud Security Alliance (CSA) Cloud Controls Matrix (CCM), the NIST Cybersecurity Framework (CSF), & Generally Accepted Privacy Principles (GAPP).
Preferred Skills:
- Certified Information Systems Auditor (CISA)
- Certified Information Systems Security Professional (CISSP)
- Payment Card Industry (PCI) Qualified or Internal Security Assessor
- ISO 27001 Lead Auditor Preferred
- Certified Public Accountant (CPA)
- Certified in Risk and Information Systems Control (CRISC)
- Certified Information Privacy Professional (CIPP/US)
Responsibilities
- Drives cross-functional teams that perform information security evaluations and audits and review designs for the information security problem
- Provides security expertise to complex projects or programs
- Works as a subject matter expert and local leader for information security direction, training, and guidance for less experienced information security engineers
- Demonstrates proficiency in performing research and analyzing data to make and/or suggest modifications to systems and application software
- Performs research, assesses, and suggests new tools and/or technologies, including cost analysis and justification to satisfy a business requirement
- Collaborates with senior management to establish information security standards, procedures, and guidelines across multiple platform and application environments
- Acts as the organizational spokesperson collaborating across IT groups to architect the design of secure infrastructure and applications, supporting or facilitating the implementation of protective and mitigating controls
- Sets up frameworks to effectively manage information security risk; sets up business relationships to align information security risk management with business goals
- Works in the role of EFIT expert in collaborating with clients, regulatory agencies, federal or local law enforcement agencies, or corporate counsel; develops and refines methodologies and protocols for the acquisition of electronic discovery artifacts, evidence, and information regarding the various types of cases EFIT is involved with
Position:
IT Technical Support Position
Location:
Massachusetts
Division:
MagRabbit USA