IT Security Analyst
Reporting to the Senior Director of Security Compliance, the IT Auditor will have the opportunity to influence the strategic direction and organizational structure of a new department. The ideal candidate will have experience performing audits in the ISO 27001, PCI DSS, HIPAA frameworks.
- Perform ISO 27001, PCI DSS, HIPAA internal audits and monitor gap remediation efforts
- Evaluate effectiveness of the internal security control framework and recommend adjustments as business needs change
- Regularly interact with all levels of management to present and discuss audit results and obtain gap remediation status
- Maintain a catalog of all internal security controls across the enterprise to include their mapping to the above security frameworks
- Perform periodic security risk assessments and advise business stakeholders on best practices to reduce risk and overall breach profile
- Audit day-to-day security operations and high-visibility business processes
- Self-assessment program and assess the efficacy of evidentiary.
- Review and coordinate changes to information security policies, procedures, and standards in an ISO 9001 continuous improvement model
Knowledge, Skills, and Abilities
- Established work history with increasing responsibilities in the field of Information Assurance
- IT audit experience in the ISO 27001, PCI DSS, HIPAA frameworks
- Understanding and established work history with the PCI DSS and HIPAA
- Ability to lift and move items weighing up to 50lbs. without assistance
- 30% Travel or More
The above statements are intended to describe the general nature and level of work being performed. They are not intended to be an exhaustive list of all duties, responsibilities, and skills.
Education and Experience
- Higher education in the field of Computer Science or Information Assurance; equivalent work experience is acceptable
- Desired certifications: PCIP, ISA/QSA, CISSP, CISA, CISM, and related IT Information Certifications
Loricca is a national provider of IT Security and Regulatory Compliance Solutions. Loricca delivers flexible and innovative solutions through world class technical services combined with industry best practices. Loricca's highly talented team brings many years of experience delivering successful solutions to commercial enterprises and government agencies. The protection of critical and sensitive information is at the forefront of many corporate initiatives.
Tue, 28 Feb 2017 07:54:57 PST