Information Systems Security Officer

TTEC•Little Rock, AR

7h•Remote

About The Position

Your potential has a place here with TTEC’s award-winning employment experience. As a Security Officer working remotely in Little Rock, Arkansas, you’ll be a part of bringing humanity to business. #experienceTTEC Our employees have spoken. Our purpose, team, and company culture are amazing and our Great Place to Work® certification in the United States says it all! Position Overview We are seeking an experienced Security Officer to lead and oversee security compliance efforts for a large-scale government human services project. The Security Officer will serve as the primary advisor to leadership and staff on security and regulatory compliance matters, ensuring a secure and compliant operational environment in accordance with all applicable federal and state mandates. This role is responsible for assessing, implementing, and enforcing security policies and controls, maintaining data integrity and confidentiality, and ensuring ongoing adherence to government security frameworks. While this position is not required to be onsite daily, periodic travel to the primary facility at Little Rock, Arkansas may be required for audits, training, or compliance reviews.

Requirements

Minimum five (5) years of experience managing or serving in a key leadership role on a large-scale government human services project.
Minimum three (3) years of experience serving as a Security Officer.
Minimum four (4) years of hands-on experience with:
MARS-E Security and compliance management
ARC-AMPE Security and Privacy Standards
NIST SP 800-53 controls
CMS Acceptable Risk Safeguards (ARS)
Demonstrated expertise in federal and state security regulations and compliance frameworks.
Strong experience leading audits, risk assessments, and control implementation initiatives.
Excellent written and verbal communication skills.
Strong facilitation skills, including small group training and formal presentations.
Ability to attend onsite review meetings as required by DHS.

Nice To Haves

ISACA Certified Information Security Manager (CISM)
Certified in Cybersecurity (CC)
OffSec Certified Professional (OSCP / OSCP+)
Certified Information Systems Security Professional (CISSP)
Certified Ethical Hacker (CEH)
Practical SOC Analyst Associate (PSAA)
Practical Web Pentest Associate/Professional (PWPA / PWPP)
Practical Junior Penetration Tester (PJPT)
Practical Network Penetration Tester (PNPT)

Responsibilities

Develop, maintain, document, and report on the organization’s security program and compliance posture.
Ensure systems and operational processes comply with all current and future federal and state security regulations and standards.
Conduct internal security audits, risk assessments, and control evaluations.
Implement safeguards to ensure data integrity, confidentiality, and availability.
Lead and deliver security and compliance training sessions for internal staff and client personnel as requested.
Provide documentation and subject-matter expertise during external security audits and regulatory reviews.
Advise executive leadership and program management on security risks, mitigation strategies, and regulatory obligations.
Integrate security controls into operational and technical workflows to ensure continuous compliance.
Provide expert guidance and strategic direction in the development and implementation of comprehensive security programs, policies, and procedures.
Lead the development and execution of sophisticated risk management strategies, leveraging GRC tools, risk registers, and advanced risk assessment methodologies.
Drive analysis of complex security monitoring data, generating actionable intelligence and high-level reports for both technical and executive audiences.
Effectively communicate complex cybersecurity concepts with clarity and authority to diverse audiences, from technical teams to executive leadership, maintaining a professional and influential demeanor.
Provide expert oversight and guidance across the entire cybersecurity and IT lifecycle, from secure design principles to operational security, incident triage, and proactive monitoring.
Lead the definition and assessment of complex project security plans, negotiate assessment scope at a high level, and strategically coordinate assessment logistics and rules of engagement.
Provide expert support and potentially lead critical incident response activities, including strategic triage, mitigation planning, executive communication, and in-depth post-mortem and evolutionary assessments.
Lead and oversee comprehensive vulnerability assessment programs, ensuring effective risk tracking, prioritization, and strategic mitigation efforts.
Provide expert guidance and strategic direction on security requirements for complex cloud architectures, ideally with deep experience in the cybersecurity risks associated with cloud-based Communication as a Service (CaaS) solutions.
Provide direct, expert-level guidance and champion Information Security and Compliance best practices for the secure installation and integration of system fixes, updates, and security enhancements.
Leverage your in-depth familiarity and extensive experience with HIPAA, ARC-AMPE Security, NIST 800-53 revs 4 & 5 and CSF-based control assessments to drive strategic security decisions. Apply other relevant security frameworks to strategic initiatives.
Leverage your strong analytical abilities to dissect complex security requirements and event data, developing strategic solutions and providing impactful recommendations at a principal level.