This position functions as a member of the corporate information security team drafting and reviewing information security documentation and contract terms. The position also works with the Information Security Manager to recommend information security best practices and analyze information security trends. The position works with local offices and their administrators to advise in the implementation of administrative and technical security procedures. The position reports to the Information Security Manager.
Develop and maintain Corporate information security policies and procedures and other security process documentation
Assist the legal department with the contractual review of security terms
Coordinate responses to information security control assessments and implement practices to optimize this process across organization
Perform and/or coordinate regular security assessments of locations and testing of information systems controls
Keep up to date on latest information security threats and countermeasures
Recommend security enhancements and purchases consistent with information security strategy and evolving threats
Work with the Information Security Manager to participate on incident response team
Develop and deliver training program on information security best practices
3-6 years of experience in information security roles
Information security experience with ISO 27001/2 and other industry regulatory controls (HIPAA) and compliance (SSAE16). Cloud security control experience a plus.
Ability to interpret information security data and processes to identify potential compliance issues
Technical knowledge of information security areas such as networking, identity access management, penetration testing and/or secure software development a plus
Ability to work within a globally distributed organization and understanding of international information security regulations
Familiarity with information security related contract terms
Excellent verbal and written communication skills including the ability to prepare documentation, policies and build consensus across a broad group
Excellent project management skills including the ability to prepare prioritize and complete work plans.
Decision making and problem solving skills including the ability to clearly define and resolve issues.
Ability to clearly and effectively communicate Information Security matters to executives, auditors and end users
Ability to work effectively and organize priorities independently
Appropriate education such as a Bachelor’s degree in Computer Science or a minimum of 2 to 4 years of information systems security or related experience. CISSP or CISA certification desired.
Mission Critical Global Technology Group (MCGlobalTech) is a minority owned, small business founded by industry leaders to provide strategic advisory and security consulting services to public and private sector business managers to better align technology and security programs with organizational mission and business goals.