Information Security Manager-Enterprise Information Security - S
Apply NowCompany: Tephra Inc.
Location: Cedar Rapids, IA 52401
Description:
Description:
Job Description for Information Security Manager
Location Options:
Cedar Rapids, IA
Dallas, TX
St. Petersburg, FL
Responsibilities:
Ensuring that security strategies are aligned with business requirements
Implementing, reviewing and monitoring of HIPAA security requirements and controls into the business operations
Ensure that security incidents/events are identified/reported/managed as per organizational and regulatory requirements (HIPAA/PCI)
Collaborate and carry out risk assessment of operational work, business continuity
Carry out ongoing security awareness related to ISMS and HIPAA requirements
Supporting implementation and manage SOC1/SOC2 audits from security aspects
Carryout internal audits
Requirements:
Process Knowledge
Information Security Audit Planning, Execution, Audit Documentation and Reporting
IT Risk assessment and review of IT General Controls
ISO 27001 standards based Information security management system (ISMS) build and implementation
Information Security Policies, Procedures and Standards design/review
Compliance Audits (SOX.ISO27001, SSAE 18, SOC1/SOC2)
Exposure to Best Practices such as ITIL, COBIT , PCIDSS and COSO framework
Responding to RFPs on security requirements in contract
Information security risk assessment, treatment and management aspects
Ability to handle security incidents and investigations.
Regulatory framework
In-depth knowledge of HIPAA security and other regulatory requirements and implementation
Technology Knowledge
Network security and OS Level Auditing Skills
Vulnerability Assessment and Penetration Testing knowledge
Secure Architecture Design and Implementation.
Implementation/auditing of IAM, Firewalls, IDS, IPS, VPN, Authentication mechanisms, assessment tools, etc
Enterprise Architecture
Business / IT alignment
Cloud Computing,
Skills
Project Management Skills
Has to be a versatile Team player
Aptitude to learn new technologies
Constant learning
Excellent Communication Skills
Auditing skills
Certifications preferred - one or multiple:
CISA, CISSP, CISM, ISO 27001:2013 Lead Auditor/implementer
Job Description for Information Security Manager
Location Options:
Cedar Rapids, IA
Dallas, TX
St. Petersburg, FL
Responsibilities:
Ensuring that security strategies are aligned with business requirements
Implementing, reviewing and monitoring of HIPAA security requirements and controls into the business operations
Ensure that security incidents/events are identified/reported/managed as per organizational and regulatory requirements (HIPAA/PCI)
Collaborate and carry out risk assessment of operational work, business continuity
Carry out ongoing security awareness related to ISMS and HIPAA requirements
Supporting implementation and manage SOC1/SOC2 audits from security aspects
Carryout internal audits
Requirements:
Process Knowledge
Information Security Audit Planning, Execution, Audit Documentation and Reporting
IT Risk assessment and review of IT General Controls
ISO 27001 standards based Information security management system (ISMS) build and implementation
Information Security Policies, Procedures and Standards design/review
Compliance Audits (SOX.ISO27001, SSAE 18, SOC1/SOC2)
Exposure to Best Practices such as ITIL, COBIT , PCIDSS and COSO framework
Responding to RFPs on security requirements in contract
Information security risk assessment, treatment and management aspects
Ability to handle security incidents and investigations.
Regulatory framework
In-depth knowledge of HIPAA security and other regulatory requirements and implementation
Technology Knowledge
Network security and OS Level Auditing Skills
Vulnerability Assessment and Penetration Testing knowledge
Secure Architecture Design and Implementation.
Implementation/auditing of IAM, Firewalls, IDS, IPS, VPN, Authentication mechanisms, assessment tools, etc
Enterprise Architecture
Business / IT alignment
Cloud Computing,
Skills
Project Management Skills
Has to be a versatile Team player
Aptitude to learn new technologies
Constant learning
Excellent Communication Skills
Auditing skills
Certifications preferred - one or multiple:
CISA, CISSP, CISM, ISO 27001:2013 Lead Auditor/implementer