Vacancy expired!
DatamanUSA has an exciting opportunity for an
IT Security Specialist to work on-site after covid with one of our direct clients in San Jose, CA. We love referrals! Please refer us to your friends, family, and colleagues for this opportunity. DatamanUSA gives referral bonuses (up to $500) if they get selected and perform well for our clients. Position: IT Security SpecialistDuration: 6 months (with possible extension)Location: San Jose, CA Typical Tasks: Develops, implements, and maintains Countywide security standards, guidelines, policies, and procedures based on best practices and compliance requirements; recommends security enhancements; Ensures ongoing security compliance and prevents the unauthorized use, release, modification, or destruction of data; Oversees the development of risk programs to achieve required risk tolerance levels; assists departments to establish appropriate risk levels; Designs secure business processes in conjunction with County departments, based upon defined risk tolerance levels; Provides consulting, training, and security awareness services to other departments to effectively interact with County Information Security and leverage centralized control capabilities within their operating environment; Conducts information security risk assessments within the Technology Services and Solutions and on an enterprise-wide basis Training and Experience: Sufficient education, training, and experience to demonstrate the ability to perform the above tasks and the attainment of the knowledge and abilities listed below. Five (5) years of increasingly responsible experience in the information security technology field. Experience with project management; direct audit activities; information assurance; risk management; or in a compliance environment, with emphasis in IT or Healthcare, is desirable. Certifications: Certification in audit and/or risk management such as Certified in Risk and Information Systems Control (CRISC), Certified Information Security Manager (CISM), and/or Certified Information Systems Security Professional (CISSP) preferred. Knowledge of: IT security principles, practices, terminology and trends; Risk and threat assessment process and practices; Information security risks, controls, regulatory guidelines, and industry standards related to information security; Industry best practices in risk identification, mitigation, and control assessments; Laws and regulations outlined in the Federal Information Security Management Act (FISMA) framework; Federal Risk and Authorization Program (FedRAMP); National Institute of Standards and Technology (NIST) Risk Management Framework. Ability to: Conduct information security risk assessments and security audits on an enterprise-wide basis; Conduct independent systems analysis of complex business processes; Test and monitor security controls; Identify noncompliance and recommend corrective action; lead or work collaboratively with County staff on issues of compliance and risk management; Enforce information security standards, guidelines, policies, and procedures; Define and discern key aspects of a problem and develop an integrated solution within a broad technical and business context; Develop, maintain, and recommend enhancements to risk programs, standards, guidelines, policies, and procedures; Communicate risk status to various levels of management; Identify, gather, and analyze key risk data and propose remediation actions when necessary; Lead multi-department risk assessment projects requiring coordination with numerous stakeholders and oversight bodies; plan and manage projects; Prepare a variety of reports; Learn Health Insurance Portability and Accountability Act (HIPPA) Security and privacy rules and requirements for Payment Card Industry compliance; Vacancy expired!
