This position is responsible for ensuring the secure development, deployment, and operation of information systems across the Enterprise.
Serve as an internal information security consultant to the organization.
Provide direct training and oversight to all employees, alliances, or other third parties, ensuring proper information security clearance in accordance with established organizational information security policies and procedures.
Ensure all regulatory requirements are met such as PCI and SOX.
Create and implement information security policies, standards, and procedures for the organization.
Initiate, facilitate, and promote activities to create information security awareness within the organization.
Manage data loss prevention technologies and monitor compliance with information security policies and procedures, referring problems to the appropriate department manager.
Monitor the internal control systems to ensure that appropriate access levels are maintained.
Work with internal and external auditors to perform information security risk assessments.
Develop key metrics to measure effectiveness of the information security program.
2-5 years of combined systems and/or security administration experience.
Bachelor's degree from an accredited college or university in Computer Science or related field preferred. Any suitable combination of education and experience will be considered.
Systems administration background on any applicable platform such as Linux/UNIX, Windows and Cisco IOS is preferred.
Good skills with high level of proficiency in security frameworks such as ISO, NIST, and COBIT.
Good understanding of regulatory requirements such as PCI DSS, Sarbanes Oxley and HIPAA.
Good knowledge of firewalls, intrusion detection systems, anti-virus software, data encryption, and other industry-standard techniques and practices.
Good technical knowledge of network, PC, and platform operating systems, including Cisco, Microsoft and Linux.
Good knowledge of TCP/IP and network administration/protocols is preferred.
Good ability to conduct research into security issues, standards, and products as required.
Good ability to work on Information Security sponsored projects, which includes providing necessary documentation, establishing and meeting timelines.
Good ability to promote Security awareness training.
Good ability to create and/or maintain documentation including policies, procedures, security awareness tips, and compliance reports.
Comprehensive and accessible total reward package.
Medical, dental, and vision coverage.
Company-paid life and disability insurance.
Paid parental leave.
Tuition reimbursement.
Family planning resources such as adoption and surrogacy assistance.