Information Security Manager-Enterprise Information Security - S
Tephra
Cedar Rapids, IA
Full-time
Description :
Job Description for Information Security Manager
Location Options : Cedar Rapids, IA; Dallas, TX; St. Petersburg, FL
Responsibilities :
- Ensuring that security strategies are aligned with business requirements
- Implementing, reviewing and monitoring HIPAA security requirements and controls in business operations
- Ensure that security incidents / events are identified / reported / managed as per organizational and regulatory requirements (HIPAA / PCI)
- Collaborate and carry out risk assessment of operational work, business continuity
- Carry out ongoing security awareness related to ISMS and HIPAA requirements
- Supporting implementation and managing SOC1 / SOC2 audits from a security perspective
- Carry out internal audits
Requirements :
Process Knowledge
- Information Security Audit Planning, Execution, Audit Documentation and Reporting
- IT Risk assessment and review of IT General Controls
- ISO 27001 standards based Information security management system (ISMS) build and implementation
- Information Security Policies, Procedures and Standards design / review
- Compliance Audits (SOX, ISO 27001, SSAE 18, SOC1 / SOC2)
- Exposure to Best Practices such as ITIL, COBIT, PCI DSS and COSO framework
- Responding to RFPs on security requirements in contract
- Information security risk assessment, treatment and management aspects
- Ability to handle security incidents and investigations.
Regulatory framework
- In-depth knowledge of HIPAA security and other regulatory requirements and implementation
Technology Knowledge
- Network security and OS Level Auditing Skills
- Vulnerability Assessment and Penetration Testing knowledge
- Secure Architecture Design and Implementation.
- Implementation / auditing of IAM, Firewalls, IDS, IPS, VPN, Authentication mechanisms, assessment tools, etc.
Enterprise Architecture
- Business / IT alignment
- Cloud Computing
Skills
- Project Management Skills
- Has to be a versatile Team player
- Aptitude to learn new technologies
- Constant learning
- Excellent Communication Skills
- Auditing skills
Certifications preferred (one or multiple) : CISA, CISSP, CISM, ISO 27001:2013 Lead Auditor / Implementer
30+ days ago