Job Seekers, Please send resumes to resumes@hireitpeople.com
Complete Description:
The position is responsible for coordinating and responding to information security audits. The position reviews and documents information security processes, identifies non-compliant areas, and drafts supporting documentation (policies and procedures) that meets state and federal security and privacy requirements.
Duties:
• Audits: Oversee information security audit activities. Ensure compliance with federal and state statutory, regulatory, and contractual requirements. Participate in IRS, HIPAA, SSA, State, and other information security audits. Prepare remediation plans and track agency progress in correcting audit findings.
• Coordination: Schedule meetings with management and technical staff to identify business procedures and incorporate security requirements that meet Federal and State requirements.
• Policy Development: Draft IT policies/standard operating procedures and obtain management sign-off on them.
Experience:
5 to 6 years of relevant experience; preferred education: 4-year college degree or equivalent technical study.
• Audits: Experience conducting or participating in information security audits.
• Compliance: Experience overseeing compliance with information security standards including NIST SP 800-53, HIPAA, IRS Publication 1075, SSA, PCI-DSS, ISO 27001, or other information security standards.
• Technical Writing: Experience drafting security policies, procedures, and remediation plans.
• Certification in one of the following: CISM, CISSP, CRISC, CISA
Skills:
| Skill | Required / Desired | Amount of Experience | Unit |
|---|---|---|---|
| Participate in IRS, HIPAA, SSA, State, and other information security audits | Required | 8 | Years |
| Experience in preparing remediation plans and tracking agency progress in correcting audit findings | Required | 8 | Years |
| Experience in developing security policies, procedures and plans | Required | 8 | Years |
| Ability to work with staff in determining business requirements, work flows and processes | Required | 8 | Years |
| Experience in participating in/conducting information security audits | Required | 8 | Years |
| Audits: Oversee audit activities for the Information Technology Enterprise | Required | 5 | Months |
| Ensure compliance with applicable federal and state statutory, regulatory, and contractual requirements. | Required | 5 | Years |
| Technical Writing: Draft security procedures, policies and plans to meet Federal and State security and business requirements | Required | 5 | Years |
| Policy Development: Draft IT policies and standard operating procedures from start to finish | Required | 5 | Years |
| Schedule meetings with management and staff on determining business procedures | Required | 5 | Years |
| Ability to incorporate security steps, processes and procedures to meet Federal and State requirements. | Required | 5 | Years |
| Certification in one of the following: CISM, CISSP, CRISC, CISA. | Highly desired | | |