IT SECURITY COMPLIANCE MANAGER
Apply NowCompany: West Advanced Technologies (WATI)
Location: Downey, CA 90242
Description:
Position: IT SECURITY COMPLIANCE MANAGER
Location: Downey, CA
Duration: 6 Months
The Consultant will perform the following tasks:
1. Provide security expertise in NIST 800-53 and ISO 270001/2 controls, PCI, HIPAA
and CJIS compliance and helps CSB to create best practice frameworks, policy
creation and business impact analysis
2. Design and implement a program which includes development and implementation
of efficient IT policies and procedures.
3. Collaborates and effectively engages with ITS teams, departments' stakeholders
and leadership across the County to develop, define and build risk assessment
methodology with identified business priorities
4. Responsible for managing the program to achieve full compliance with the County
defined IT Controls, and Security programs, and implementation of IT procedures
focused on efficiency, effectiveness and risk avoidance.
5. Collaborate with the ITS team, internal audit and the corporate security team to
assess, remediate and prevent information technology risks.
6. Management and reporting of risk and security metrics.
7. Perform ongoing education and training in Information Security related areas
8. Development of IT Strategies and roadmap.
9. Provides oversight and project management of various internal and external audits,
PCI, HIPAA and CJIS compliance and risk/ control assessment engagements, and
regular penetration testing
D. MINIMUM QUALIFICATIONS
The selected candidate must meet the following minimum qualifications:
1. One or more of the following professional certifications requited: Qualified Security
Assessor (QSA), Certified Information Systems Auditor (CISA), Certified Information
Systems Security Professionals (CISSP), Certified Information Security Manager
(CISM) or Certified Information Privacy Professional (CIPP)
2. Bachelor's degree from an accredited college in Technology related discipline (e.g.
Computer Science, Engineering, Information Systems, etc.) or equivalent
experience/combined education.
3. Minimum of three (3) years' experience in the last five (5) years as an IT Security
Compliance Manager, supporting a complex enterprise security environment for a
large public or private organization.
4. Minimum of three (3) years of experience in the past five (5) years as an IT Security
Compliance Manager, supporting Enterprise Multi-Tenant environment, include
responding, containing, remediating, and reporting on the infrastructure connecting
to County Departments and Public Cloud Providers, such as AWS, Azure and/or
GCP.
5. Minimum of two (2) years' experience in the last three (3) years analyzing,
responding, and remediating enterprise network & security architectures.
6. Minimum of two (2) years' experience in the last three (3) years leading IT
Security/Information Security teams.
7. Demonstrated ability to create clear, concise technical documentations such as
procedures, Visio diagrams, and system support documents, and strong
presentation skills with experience using Microsoft PowerPoint
Thanks & Regards
Rajeev
West Advanced Technologies, Inc
E:
Location: Downey, CA
Duration: 6 Months
The Consultant will perform the following tasks:
1. Provide security expertise in NIST 800-53 and ISO 270001/2 controls, PCI, HIPAA
and CJIS compliance and helps CSB to create best practice frameworks, policy
creation and business impact analysis
2. Design and implement a program which includes development and implementation
of efficient IT policies and procedures.
3. Collaborates and effectively engages with ITS teams, departments' stakeholders
and leadership across the County to develop, define and build risk assessment
methodology with identified business priorities
4. Responsible for managing the program to achieve full compliance with the County
defined IT Controls, and Security programs, and implementation of IT procedures
focused on efficiency, effectiveness and risk avoidance.
5. Collaborate with the ITS team, internal audit and the corporate security team to
assess, remediate and prevent information technology risks.
6. Management and reporting of risk and security metrics.
7. Perform ongoing education and training in Information Security related areas
8. Development of IT Strategies and roadmap.
9. Provides oversight and project management of various internal and external audits,
PCI, HIPAA and CJIS compliance and risk/ control assessment engagements, and
regular penetration testing
D. MINIMUM QUALIFICATIONS
The selected candidate must meet the following minimum qualifications:
1. One or more of the following professional certifications requited: Qualified Security
Assessor (QSA), Certified Information Systems Auditor (CISA), Certified Information
Systems Security Professionals (CISSP), Certified Information Security Manager
(CISM) or Certified Information Privacy Professional (CIPP)
2. Bachelor's degree from an accredited college in Technology related discipline (e.g.
Computer Science, Engineering, Information Systems, etc.) or equivalent
experience/combined education.
3. Minimum of three (3) years' experience in the last five (5) years as an IT Security
Compliance Manager, supporting a complex enterprise security environment for a
large public or private organization.
4. Minimum of three (3) years of experience in the past five (5) years as an IT Security
Compliance Manager, supporting Enterprise Multi-Tenant environment, include
responding, containing, remediating, and reporting on the infrastructure connecting
to County Departments and Public Cloud Providers, such as AWS, Azure and/or
GCP.
5. Minimum of two (2) years' experience in the last three (3) years analyzing,
responding, and remediating enterprise network & security architectures.
6. Minimum of two (2) years' experience in the last three (3) years leading IT
Security/Information Security teams.
7. Demonstrated ability to create clear, concise technical documentations such as
procedures, Visio diagrams, and system support documents, and strong
presentation skills with experience using Microsoft PowerPoint
Thanks & Regards
Rajeev
West Advanced Technologies, Inc
E: