Information Security Governance Specialist

N. Harris Computer Corporation - USA
Virginia, Remote
Full-time

Description

Overview

Harris is a leading provider of financial management and Customer Information Systems (CIS) software solutions, providing feature-rich and robust turnkey solutions to Public Sector, Schools, Utility, and Healthcare agencies throughout North America.

We are a financially strong, growing and stable company guided by our values to do the right thing when it comes to our customers, our employees, and our local communities.

At Harris, we offer employees the opportunity to learn and have fun, while empowering them to make a difference and directly contribute to the success of the organization!

The Harris Corporate IT Team is seeking an Information Security Governance Specialist who will provide risk management and governance oversight to ensure security controls and processes are appropriate to minimize risks and meet regulatory compliance requirements.

As the Information Security Governance Specialist, you will utilize your wide range of expertise in risk management, cybersecurity, vulnerability management, information security governance, incident management, security frameworks and other areas to provide security compliance oversight for the Harris group of companies.

This position will communicate with the Corporate IT, Legal and Compliance teams, customers’ IT representatives and stakeholders, and other appropriate areas, as deemed necessary.

Duties

  • Assist with the management of, and participate in, the information security, governance, and risk management programs according to established policy requirements.
  • Monitor the information security, governance, and risk management programs to ensure organizational controls and processes are appropriate to minimize security risks and to ensure compliance with various security standards and regulatory requirements.
  • Assist with the development, maintenance and publishing of up-to-date information security policies, standards, and guidelines.
  • Advise executive leadership and provide oversight of policies, standards and procedures related to information security and regulatory requirements as they relate to security controls and processes.
  • Lead and / or participate in various steering committees and other groups as appropriate.
  • Assist with the development of and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals.
  • Conduct risk assessments against various regulatory compliance requirements such as HIPAA, PCI, etc.
  • Perform risk and security assessments of applications, databases, servers, and supporting network technologies such as routers, switches, and access points.
  • Participate in annual security audits, incident response exercises, security reporting, audit, and compliance support.
  • Develop and execute corrective action and remediation plans for identified issues, risks, or vulnerabilities.
  • Assess potential risks and vulnerabilities to develop baselines and assist with response to deviations.
  • Manage the training awareness program, monitor compliance, and develop security training.
  • Review security control surveys, information security addendums and data protection addendums as required.
  • Develop and maintain standard practices and procedures for appropriate response to identified threats.
  • Analyze and assess security incidents and escalate incidents by following the incident plan.
  • Work with the information security team to provide security incident escalation support and remediate security issues.
  • Assist with evidence collection for security audits and with responding to security questionnaires.

Qualifications

  • Minimum of 5 years' experience in IT security risk management or governance.
  • Minimum of 2 years' experience as a system administrator, network administrator or in security operations may substitute for 1 of the 5 years of required experience above.
  • Minimum of 2 years' experience in cloud services security.
  • Knowledgeable about security controls and processes, vulnerabilities, regulatory and legal changes, and security standards that may impact information security.
  • Hands-on experience managing various security and governance, risk and compliance tools (e.g., Vulnerability Scanning, GRC Tools, etc.).
  • Experience in access control and identity management for on-premises and cloud environments.
  • Ability to write security requirements and design documents.
  • Bachelor’s degree in Computer Science, Information Systems, Network Security Engineering or related major or equivalent work experience.
  • CISSP, CRISC, CISA, CDPSE, HCISPP certifications would be considered an asset.