Software Solutions Company—DC Metro Area—Salary Commensurate with Experience
- Competitive pay and comprehensive benefits.
- Work/life balance with tremendous benefits, including on-site exercises classes, a casual dress environment, potential for remote work with proven performance, and 401k match.
- Global organization in growth mode.
Minimum Education & Experience
- Bachelor’s Degree in Accounting, Computer Science, or Software Engineering and 3-5 years in IT auditrequired, CISSP desired.
- In-depth knowledge of risk assessment method and technologies and understanding of information risk concepts/principles.
- Knowledge of information security standards/experience in ITAR, NIST, 800 series, SSAE 18, and DFARS.
- Knowledge of core security tool concepts and ability to analyze technical outputs and recommend process improvements.
- Knowledge of encryption concepts and data security principles and practices.
- Excellent written and verbal communication skills to effectively communicate with IT professionals at all levels in the company.
- Critical thinking and problem-solving skills.
Duties & Responsibilities
- Be responsible for day-to-day operations of all aspects of cloud delivery environments and ongoing initiatives to ensure exceptional levels of reliability, scalability, security, and quality of service.
- Conduct security control assessments for compliance with various regulations.
- Conduct periodic reviews to ensure systems are operated, maintained, and disposed of in accordance with internal security policies and practices.
- Initiate protective/corrective measures when a security compliance incident or vulnerability is discovered.
- Formally notify Information Security management when a system no longer complies with security regulations or when changes occur that might affect a systems risk posture.
- Document results of security assessments and recommend technical/analytical guidance.
- Report to Information Security management concerning residual risk, vulnerabilities, and othersecurity exposures.
- Ensure all information security related documentation is current/ accessible to appropriate individuals.
- Support external audits by providing audit artifacts and documentation.
- Regularly monitor audit logs for compliance and regulation related incidents.
- Create presentations reporting findings from Information Security activities.