Job Description

Responsibilities

• Monitor organization’s networks for security breaches and investigate when one occurs

• Use and maintain software, such as firewalls and data encryption programs, to protect sensitive information

• Check for vulnerabilities in computer and network systems

• Research the latest information technology (IT) security trends

• Prepare reports that document general metrics, attempted attacks, and security breaches

• Develop security standards and best practices for their organization

• Recommend security enhancements to management or senior IT staff

• Help computer users when they need to install or learn about new security products and procedures

• Help in SOC 2 Certifications

Requirements

Requirements and skills

• Experience in risk, compliance and information security policy development.

• Excellent organizational and communication skills (both oral and written).

• Strong interpersonal skills and the ability to effectively communicate with a wide range of individuals and constituencies in a diverse community.

• Knowledge of  IT processes and controls and strong understanding of risk and control frameworks such as (CoBIT, ISO, NIST, ITIL, PCI).

• General knowledge of information security regulatory requirements and standards such as ISO 27001/2