Post Date: 04/24/2017 Job ID: 22843 Industry: Other Area(s)
The job responsibilities for this position are:
• perform IT risk assessments to determine the acceptable level of risk and resulting security requirements for information systems,
• perform IT assessments and testing to evaluate compliance with various regulatory and/or industry requirements,
• design IT testing procedures to identify and evaluate risk exposures and determine the effectiveness and efficiency of controls,
• prepare written communications, including assessment reports and working papers to document the scope, procedures performed, findings, and exceptions,
• assist process owners with developing effective remediation plans to address control exceptions identified during assessments,
• perform follow-up procedures to determine adequacy of corrective actions taken,
• serve as a point of contact and liaison with internal and external auditors, assessors, and examiners,
• lead the development and implementation of security policies, standards, processes, procedures, controls, and guidelines for multiple platforms and diverse system environments.
Required Qualifications: The required qualifications for this position are:
• preferred to have a Bachelor’ s Degree in Management Information Systems, Computer Science, Information Security, or other analytical disciplines or equivalent experience,
• must have at least five years of combined experience in one or more of the following areas: information security audits, information security, risk management, security and controls assessments, and/or IT audit,
• Security accreditation (i.e., CISSP, GCIH, or CISM) plus at least eight years of related IT experience.