Under the general supervision of the IT Director, serves as the Risk Management & Compliance Manager for the Information Technology section. Conducts risk management activities to identify current and future threats and to help the organization reach an acceptable level of risk. Provides the necessary subject-matter expertise and ensures implementation of the information security architecture, risk management standards, gap analysis, best practices, and systems/processes to ensure information privacy/protection. Will interact with management to determine acceptable levels of risk as the business model and risk profile change and align the security program accordingly. Review the security features of new information security practices, systems, and business services to ensure they meet the security requirements of new and existing policies. Review, on a timely basis, the various analyses of reports and logs obtained from firewalls, external and internal scanning devices, and security software. Reviews for noted irregularities, reports violations, and recommends solutions. Work with IT staff and outside vendors to determine the effectiveness and security of agency resources. Assist in the development of scenarios of usage, test for abnormalities or exposures. Use available tools to determine the effectiveness of Security and Risk programs and if guidelines and policies are being followed. Completes the Position Description process for all assigned employees. Assist in all areas of Information Technology as requested by the IT Director or Director of Administration.
Stand Out From the Crowd
Upload your resume and get instant feedback on how well it matches this job.
Job Type
Full-time
Career Level
Mid Level