Implements information security and compliance controls; performs security incident management and technical troubleshooting; performs assessments/audits and presents them in an organized report, documents processes and procedures; communicates verbally and in writing, provides training and guidelines; and, coordinates and serves as the point of contact for security operations center (SOC).
Areas of Responsibility:
- Researches information security issues and proposes solutions to address vulnerabilities.
- Monitors development within ISS groups to ensure compliance with established policies, procedures and controls.
- Performs Information Security Incident Management.
- Develops and documents processes, procedures.
- Manages and collaborates through SharePoint sites.
- Works with other ISS groups in implementation and monitoring of information security controls.
- Conducts periodic reviews of Information Technology General Controls (ITGC) compliance and leads the project ensuring compliance.
- Reviews system and security logs, identify issues, and escalate issues.
- Participates in vulnerability assessments of systems under administration.
- Acts as a liaison or primary contact for internal and external audits
- Performs other duties assigned.
Educational Background:
Bachelor's Degree or its International Equivalent • Computer Science, Information Technology Disciplines or Related Field.
Skills/Experience:
- Thorough understanding of information security and assurance concepts and industry trends.
- Working knowledge networks, servers, firewalls, websites - in context of troubleshooting
- Strong technical writing and problem solving skills.
- Excellent quantitative and analytical skills.
- Excellent oral and written communication skills.
- Ability to communicate technical information clearly and concisely to non-technical users.
- Ability to work independently with initiative to manage high volume work flow.
- Ability to lead and manage projects independently and work well with others on a team.
Problem Solving & Impact:
- Works on problems of complex scope that require analysis and review of identifiable factors.
- Exercises judgment within defined procedures and practices to determine methods and techniques to obtain results.
- Decisions may affect the management and operations of an area within a department.
Supervision Given/Received:
- Has no supervisory responsibility.
- Identifies and promotes security and compliance among the organization and remains current on all major system enhancements.
- Develops and recommends solutions and process improvements to management.
Education:
- Certified Information Systems Security Professional (CISSP) and/or Certified Information Systems Auditor (CISA) highly desirable.
Experience:
- Typically requires 8+ years of experience with security and compliance communication technologies. Articulate, professional and able to communicate in a clear, positive manner with clients, partners, and staff.
- Must be able to read, write and speak fluent English; fluent in host country language as required.
- Prior work experience in information security organizations is a plus.
Typical Physical Demands:
- Typical office environment.
- Ability to sit and stand for extended periods of time.
- Ability to lift 5-50 lbs.
Technology to be Used:
- All technologies (software and hardware) generally expected for the role, current and future.
Travel Requirements:
- Less than 10%
Job Function:
Organization Info
Listing Stats
Post Date:
Nov 15 2018
Active Until:
Dec 15 2018
Hiring Organization:
Fhi 360
industry:
Nonprofit