Information System Security Officer (ISSO)

About The Position

Requirements

• Bachelor's degree in Information Technology, Cybersecurity, or a related field or 3 to 5 years of experience
• Proven experience as an Information System Security Officer or similar role.
• Strong knowledge of security frameworks and standards, such as NIST, ISO 27001, and CIS Controls.
• Experience with security tools and technologies, including firewalls, IDS/IPS, and SIEM solutions.
• Excellent analytical and problem-solving skills.
• Strong communication and interpersonal skills, with the ability to work collaboratively across teams.

Nice To Haves

• Relevant certifications such as CISSP, CISM, or CISA are highly desirable.

Responsibilities

• Develop and maintain security policies, standards, and procedures in compliance with industry regulations and best practices.
• Conduct regular security assessments and audits to identify vulnerabilities and recommend corrective actions.
• Monitor and analyze security alerts and incidents, responding promptly to mitigate risks.
• Collaborate with IT and other departments to implement security measures and ensure compliance with security policies.
• Provide guidance and training to staff on security best practices and awareness.
• Manage and maintain security tools and technologies, such as firewalls, intrusion detection systems, and encryption solutions.
• Prepare and maintain documentation related to security policies, procedures, and incidents.
• Stay current with emerging security threats and technologies to proactively address potential risks.
• They conduct regular security audits, vulnerability assessments, and risk analyses to identify potential threats and weaknesses.
• ISSOs respond to security incidents, investigate breaches, and implement corrective actions to minimize damage and prevent future occurrences.
• Security Architecture: Understanding of secure system design principles and experience developing secure architectures.
• Security Controls: Knowledge of various security controls and their implementation.
• Vulnerability Assessment: Experience with vulnerability scanning tools and techniques.
• Monitoring and Evaluation: They monitor network traffic, system logs, and security tools to detect anomalies and respond to potential threats.
• Security Documentation: Ability to create and maintain security documentation.

Benefits

• Competitive compensation
• Comprehensive insurance options
• Matching contributions through the 401(k) plan and the share purchase plan
• Paid time off for vacation, holidays, and sick time
• Paid parental leave
• Learning opportunities and tuition assistance
• Wellness and Well-being programs