E

Information Security Compliance Officer

ExecRecruitment
Full-time
Remote
United States

ExecRecruitment is a global professional services provider and contingency staffing company. Our main objective is to source top talent and support professional growth.

One of our direct clients is actively seeking an Information Security Compliance Officer to join their team.


Job Title: Information Security Compliance Officer
Location: Remote
Duration: 6 months+ extension




Job Duties

The duties of an Information Security Compliance Officer include, but are not limited to:

• Serve as a technical expert relative to information security for statewide information technology systems;
• Perform expert-level responsibility relative to information security for a highly complex statewide information technology system;
• Provide expert-level consultation on a variety of information security concepts, practices, and procedures for a highly complex statewide information technology system;
• Provide information security risk management services by conducting expert-level internal risk and security assessments for a highly complex statewide information technology system and its applications, either independently or by coordinating through third party sources;
• Review and approve elevated user permission requests as directed;
• Review data transfer requests of the highest complexity to ensure that the required level of security is applied for the data classification level";
• Plan, design, implement, document, and validate security solutions requiring extensive knowledge and experience relative to a highly complex statewide information technology system;
• Develop, recommend, and implement information security system controls and methodologies for a specific assignment considered to be one of the largest and/or most complex statewide information technology systems;
• Research, review, and evaluate security related technologies, processes, and approaches;
• Apply expert-level knowledge of information security best practices and standards to ensure privacy, security, and administrative regulatory compliance with federal, state, and local requirements for a highly complex statewide information technology system;
• Prepare reports and other deliverables that contain strategy, technical analysis, control failures, security gaps, and audit findings relative to information security for a highly complex statewide information technology system. Provides remediation guidance to stakeholders and tracks remediation activities;
Create and maintain Plans of Action and Milestones (POA&M) by crafting and documenting remediation plans for information system deficiencies;
• Coordinate the development of training for the assigned information technology system and serves as a technical resource to advise on information security awareness for employees, contractors, and other information technology system users;
• Coordinate with key stakeholders and oversees activities of lower-level InfoSec personnel to ensure that information security policies and standards relative to privacy, risk, audit and compliance are uniformly applied across all technology projects, systems, and services.