We are a small but rapidly growing company that needs a dedicated Information Security Officer. This is a good position for an ambitious person who is currently mid-level but aspiring to grow with a company and own all aspects of information security within the business. The Information Security Officer's role is to ensure the secure operation of the in-house computer systems, servers, and network connections in accordance with our internal processes, procedures, and compliance requirements. The security compliance officer's tasks also include conducting regularly scheduled audits on internal systems and hosting third-party audits as required in order to maintain certifications and compliance certificates. The other responsibility of the security compliance officer deploys, manages, and maintains security audit systems and their corresponding or associated software. The security compliance officer develops implements, maintains, and oversees enforcement of internal security policies and procedures. He also plans and implements system security administration and user system access based on industry-standard best practices and compliance requirements.
Apply for This Position
Reasonable Accommodations Statement
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. Reasonable Accommodations may be made to enable qualified individuals with disabilities to perform the essential functions.
- Able to work in a team environment giving and accepting both positive and negative feedback.
- Able to build very thorough and well written documentation.
- Able to understand the business requirements be able to communicate them.
- Able to understand a complex project in enough detail to verify gaps in compliance and recommend solutions.
- Able to understand and self-manage priorities of tasks.
- Able to be assertive when expressing critical security issues, escalating through company hierarchy as required.
- Able to work well with third parties as needed.
- Able to assist with technical tasks to help implement solutions.
SKILLS & ABILITIES
Education: In addition to the necessary skills and experience to perform the responsibilities outlined above, there are a number of traits that a successful candidate will possess.
- Degree or certification in an Information Security related field.
- Understanding of risk management, information security, cyber security, physical security.
- Basic concepts of Windows, OS X, Linux CentOS and Ubuntu Linux Administration.
- Understanding of various attack vectors against desktops, servers, network devices.
- Understanding of networking concepts such as vlan, mac addresses.
- Understanding of network scanning.
- Understanding of application vulnerabilities, especially around web applications.
Additional computer skills that will benefit the position
- Familiarity with PCI-DSS requirements.
- Familiarity with SOC2 Type II
- Familiarity with compliance related software and tools.
- Familiarity with network and configuration scanning.
- Familiarity with performing application vulnerability scans.