RGBSI is dedicated to providing the highest quality of services to our clients and employees. We are proud to be the primary partner to top companies in the automotive, aerospace & defense, IT, media & entertainment, sports, energy, and finance industries. As a result of our clients' continued growth, we are looking for energetic, personable professionals to partner with these leading US companies.
- The Information Security Compliance Engineer will be responsible for architecting, developing, and operating solutions that help Client measure, monitor and report on the state of key security metrics and compliance requirements.
- This role is focused on working with multiple technology and offer teams to ensure Client's Information Security tools are deployed and supported to achieve both corporate and regulatory compliance with specific focus on Federal Financial Institutions Examination Council's (FFIEC) standards and Center for Internet Security (CIS) controls/benchmarks.
- The candidate will be working in an exciting and rapidly expanding environment driving high standards while collaborating with a group of skilled engineers, administrators and developers.
Essential Job Duties and Responsibilities:
- Performs compliance reviews of Information Technology group.
- Provides guidance and support on information protection across departments on regulatory compliance, policies and industry best practices as related to technology and information security.
- Prioritize and implement security measures to support the day-to-day operation of the compliance function, ensuring adherence to policies and standards.
- Establish security control testing protocols to ensure protection of member and credit union information.
- Support Research and Development (R&D) efforts on new and emerging information security trends.
- Apply that knowledge to continued improvement of the information security applications and systems to best protect member and credit union information.
- Mentor/support team members where appropriate
- Proficient with the Microsoft Office Suite of products (Word/Excel/Outlook).
- Other Duties as Required: To ensure that emerging or unexpected member / organizational needs are appropriately addressed in a timely fashion.
Minimum Formal Education Required for this Position:
- Knowledge consistent with a Bachelor's Degree in Computer Science, Information Security/Technology, Risk or similar
- Each year of relevant work experience may be exchanged for a year in a relevant degree program or vice versa. For example, a requirement of "Knowledge Consistent with a Bachelor's Degree in Accounting and 2+ years of accounting experience" could be substituted for a High School Diploma and 6 years of relevant accounting work experience or a Master's Degree in Accounting and 0 years of work experience.
Minimum work experience:
- 6+ years' Security experience at a large enterprise company or premier consulting firm
- 5+ years Information security related administration
- 3+ years Financial industry security related administration
Technical or specialized knowledge/skills:
- Experience working in Second Line of Defense at a large organization
- Strong communication skills (written, verbal, and listening)
- Highly organized and able to multi-task and manage concurrent deadlines and able to effectively contribute to and lead working groups
- Comfortable working in cross-functional and multidisciplinary teams
- Knowledge of compliance and regulatory frameworks (FFIEC, CIS, PCI, SOC 1, SOC 2, HIPAA, GDPR, etc.)
- Possesses a strong working knowledge of security principles, policies, tools and procedures along with an understanding of the overall technical architecture of the organization
- Strong technical writing and interpersonal skills with ability to communicate effectively verbally
- Demonstrates resilience and flexibility in a rapidly changing environment to explore different strategies and achieve desired outcomes
- Possesses a high degree of independence, integrity, and confidentiality, and is able to independently develop and deliver presentations and respond to questions
- Exposure or proficiency with the following platforms: Azure, Azure Active Directory, Intune MDM, Office365, and Okta
- A demonstrated passion for, or commitment to helping our community achieve their financial goals
- Follows standard procedures to follow up on security incidents, collecting and reporting appropriate information
- CISM, CISA, CRISC or equivalent within 120 days
Environmental, physical and psychological requirements:
- Must be able to sit or stand for prolonged periods of time in a climate-controlled environment.
- Must be able to use fingers, hands, wrists for repetitive tasks such as typing, using a mouse, handling paper, currency, or coin, and operating a telephone.
- Demands for visual and auditory acuity are typical of an office environment.
- Must be able to interact via email, telephone, or in person with diplomacy, tact, and courtesy with all members under varying circumstances.
- Must be able to lift up to 40 lbs.
We offer attractive, competitive compensation and benefits, including medical, dental, 401k, Short Term Disability, AD&D and Tuition Reimbursement, etc. If you take pride in your work and are committed to personal and professional success, we want to talk to you.