Posted

30+ days ago

Location

Columbia, SC

Description

DAILY JOB RESPONSIBILITIES:

  • Defining, documenting, and implementing Information Security standards and policies across the enterprise
  • Working with external auditors to provide support as needed
  • Reviewing customer contracts, RFPs, and requirements for appropriateness
  • Establishing and maintaining an overall information security program
  • Assuring industry advisories, alerts, or other requirements are acted upon in an appropriate and timely manner
  • Providing information security-related guidance to I/S
  • Working with Line of Business (LOB) security officers to coordinate efforts
  • Maintaining a repository of information security data and compliance guidance
  • Providing Corporate Security Council coordination and support

 

CANDIDATE TECHNICAL BACKGROUND:

  • 6 years of I/T experience including 4 years of IT security, risk assessment, and/or compliance experience.
  • Experience with NIST, FISMA, COBIT, SSAE16, PCI, SOX, HIPAA, or other regulatory requirements.
  • Experience working on Security Management Plan
  • Experience with working on vulnerability matrices
  • Experience with the scanning and remediation of I/S assets using automated tools is beneficial (e.g., Nessus, AppDetective, Vanguard).
  • Knowledge of technical security controls from NIST, DISA, USGCB, etc. compliance domains across multiple platforms.
  • Deep understanding of security risk exposures and how vulnerabilities can be translated into the business risk that leadership understands.
  • Advanced knowledge of security risk assessment execution.
  • Expert-level knowledge of risk mitigation strategies.
  • Excel expert with the ability to analyze, trend, and forecast from high volumes of compliance data.
  • Proficient with MS Word.

 

PREFERRED / HIGHLY DESIRED BACKGROUND:

  • Experience with compliance programs within a government agency (e.g., Medicare, Tricare) is preferred.
  • Direct experience with NIST 800-53 security frameworks.
  • Any experience with Visio or PowerPoint is a plus.
  • Any experience with DoD, DIARMF, or FedRAMP programs is a plus.
  • SQL experience a plus.