Department Manager - Information Security Officer in Sandy Springs, GA at HUNTER Technical Resources

Date Posted: 7/14/2019

Job Snapshot

Job Description

Information Security Officer 

This position is responsible for identifying, evaluating and reporting on information security risks in a manner that meets compliance and regulatory requirements. This position will proactively work with application teams, infrastructure teams and business units to implement practices that meet defined policies and standards for information security.

The tasks include, but are not limited to:
  • Develop, implement and monitor a strategic, comprehensive information security and risk management program to ensure the integrity, confidentiality and availability of information owned, controlled or processed by the organization.
  • Manage the security organization, consisting of direct reports and indirect reports including hiring, training, staff development, performance management and annual compensation review.
  • Develop, communicate and ensure compliance with organizational security policies and standards.
  • Develop and manage information security budgets and monitor them for variances.
  • Create and manage information security and risk management awareness training programs for all employees, contractors and approved system users.
  • Schedule, prepare and conduct a regular Local Information Security Forum
  • Work directly with the business units to facilitate IT risk analysis and risk management processes, identify acceptable levels of risk, and establish roles and responsibilities with regard to information classification and protection.
  • Coordinate information security audits and Local Information Security Assessment with the IT organization and business unit teams.
  • Create and facilitate the information security risk assessment process, including reporting and oversight of remediation efforts to address negative findings.
  • Coordinate the use of external resources involved in the information security program, including, but not limited to, interviewing, negotiating contracts and fees, and managing external resources.
  • Facilitate business alignment and communications by forming an information security steering committee or advisory board.
  • This is not an exhaustive list of all duties and the position may be required to perform other duties as assigned

Bachelor’ s Degree  with emphasis in information technology or Cyber security 

  • Security Certificates desirable

Must have 8 – 10 years of experience in the following:
  • Project management skills; financial/budget management, scheduling and resource management.
  • Understanding and experience with IT governance, risk and compliance concepts within ERP systems.
  • Strong organizational and planning skills.
  • Data Protection Intermediate