Information Security Officer

General Description

Applies skills as an experienced professional to ensure the security of all information pertinent to the company. Recommends methods and techniques to achieve optimal results and helps establish a culture of security across the organization. Supports the achievement of compliance and regulatory goals that are based on the high level of security built into our products. Creates processes to support high quality security-operations, with real-time monitoring of security and compliance in cloud and on-prem environments with a global user community. The incumbent will need to be highly knowledgeable of the concepts of security, compliance, and risk assessment as well as have the technical ability to converse with other team members about their plans and security concerns.

Essential Duties and Responsibilities

Leads the implementation of technical and operational security controls that are considered safeguards and /or countermeasures to prevent unauthorized access, modification and disclosure of data, software, and infrastructure.

- Assess SecOps factors and facilitates remediation of identified vulnerabilities for security across the enterprise.

- Assesses SecOps factors and facilitates remediation of identified vulnerabilities with the companies' network, systems, and applications.

- Aligns security deliverables with legal, regulatory, and contractual requirements that conforms with security framework and standards such as NIST SP 800-53 rev 4, ISO/IEC 27000 series, OWASP Top 10, among others.

- Establishes processes and procedure for continuous monitoring to allow operational visibility in enterprise environments.

- Reports on findings and recommendations for corrective action.

- Performs SecOps related assessments as assigned utilizing security tools and methodologies.

- Facilitates and monitors performance of remediation tasks, changes related to mitigation factors & reports on findings.

Essential Duties and Responsibilities

Maintains oversight of IT and vendors regarding the security maintenance of their systems and applications.

Provides periodic status reports, including outstanding issues.

Assist in all Cybersecurity audits, risk assessments and regulatory compliance.

Education

Bachelor's degree in Computer Science, or related field, or equivalent work experience.

Experience

Five (5) years experience in ensuring the security of all information pertinent to the company.

Certifications/Licenses

Certifications are highly desirable but not required.

CompTIA SEC+, ISC2 SSCP