Information Security Officer

  • Production Modeling Corporation
  • Atlanta, GA, 30334
  • Contract > 12 months
  • Bachelor's Degree
  • Experienced

Posted on

Job Description:

The Information Security Officer (ISO) manages the development and delivery of IT security standards, best practices, architecture and systems to ensure information system security across the enterprise. Will assist agency in meeting NIST standards.

The ISO is a key contributor to the IT Strategic Plan and leads the implementation processes and methods for auditing and addressing non-compliance to technology and information security standards. The ISO facilitates migration of non-compliant environments to compliant environments and conducts studies within and outside the organization to ensure compliance with standards and practices with industry security norms. He/she manages and participates in the planning and implementation of security administration for all IT projects. Responsible for evaluation and selection of security applications and systems. Makes recommendations and assists in the implementation of changes to work methods and procedures to make them more effective or to strengthen security measure

ESSENTIAL FUNCTIONS:

Develop and maintain IT Security Roadmap plans that support enterprise needs

Establish Architecture standards for IT Security documentation (conceptual, functional, etc)

Mapping of IT Security with applications and systems to function within the environment?

Define the interactions among systems including IT Security measures

  • Establish Technical Architecture Information for security functions
  • Define the technical standards to be used in the construction of the security environment
  • Assist with regulatory and data transfer procedures
  • Document and communicate policies, queries, vulnerabilities, and current system state
  • Work with IT Team to illustrate the specific systems, Hardware platforms, and application packages in the future state architecture
  • Define integration and interaction standards among security systems
  • Create performance criteria that must be met by the agency environment
  • Collaborate with IT, end users, and senior management to define business requirements for complex systems development and work
  • Participate in external forums, training, meetings with key vendors
  • Oversee training, policies, and practices, including audits, to ensure secure operations

EXPERIENCE:

  • 4 yrs exp - IT security, compliance, creating risk assessments, develop and implement an effective policy compliance monitoring and enforcement
  • Preferred: Holder of CISM or CISSP Certification
  • 4 Yrs exp - Creation of information security policy assessments, enforcing compliance with firm security policies and applicable law
  • 5 yrs exp - Providing SME on privacy frameworks and laws such as HIPAA, HITECH, PCI, SSAW 16 SOC1 & Soc1, NST Cybersecurity Framework, NIST 800-53, and ISO 27001/2
  • 4 yrs exp - Developing and managing an Enterprise Information Security Threat Management Program
  • 4 yrs exp - Coordinating the use of external resources involved in the performance of security testing, i.e. pen tests, vulnerability scans
  • 4 yrs exp - Managing identity and access management functions including security administration, access governance, provisioning and access control design
  • 4 yrs exp - Demonstrated successful track record of helping to implement security initiatives and frameworks in a flexible, personable and non-dogmatic manner
  • 4 yrs exp – Coordinating the use of external resources involved in the performance of security testing, i.e. pen tests, vulnerability scans
  • Preferred: Holder of CISM or CISSP Certification
  • Preferred: Collaborate with programs across the agency including HR, Legal, Privacy, Procurement and Compliance to ensure information security alignment agency-wide
  • Preferred: Experience in developing and reporting business-relevant metrics to measure the efficiency and effectiveness of the Information Security Program.

Company Description:

PMC is a leading provider of quality, engineering, manufacturing, supply chain, operations productivity, and IT Staffing solutions. Our solutions help customers shorten product life cycles, increase quality and throughput, reduce lead time, and improve their return on capacity and technology investments (ROI). Please visit www.PMCorp.com to learn more.

www.pmcorp.com