Vacancy expired!
Ledgent Technology is seeking an
Information Security Compliance Manager to identify, manage, and report on the company's security, regulatory, and compliance obligations.This is a full-time position located in Weston, FL.Remote work may be considered for local candidates only. ONLY local candidates will be considered3rd party subcontracting is not allowed. All applicants must be eligible to work for any employer in the United States without requiring sponsorship now or in the future.What you will be doing:- Team with the CIO to manage the implementation of the Information Security Management System and General Compliance Program
- Enforce policies/procedures with emphasis on SOC 2 Type II, HITRUST, and PCI-DSS
- Comprehend, develop, and provide meaningful reports on the ISMS state and adherence to frameworks and standards
- Guide the escalation and resolution of risk and compliance issues with appropriate stakeholders
- Aid the Sales team in responding to RFPs and security questionnaires; maintain a library of security and compliance RFP responses
- Schedule, execute, and support internal audits as part of the ISMS
- Gather evidence required by external auditors
- Partake in internal and external audits and guide/translate between auditor and personnel
- Conduct client-vendor assessments
- Record, analyze, and document cybersecurity compliance issues and incidents, where necessary
- Partake in security incident response and corrective action planning
- Gather, research, and prepare reports required by senior management
- Operate, execute, and maintain the ISMS
- Coordinate BCP/DR teams and preparedness
- Complete internal security risk assessments
- Enforce training programs
- Conduct Vendor Risk Assessments
- Team with HR Director to verify adherence with onboardings and terminations
- Degree in related field
- Five years of related experience in security and compliance
- Maintain a security certification in at least one of the following: CISM, CISSP, CISA
- Solid verbal and written communication skills in English
- Capability to work in a fast-paced environment and the skills to deal with ambiguity
- Knowledge of IT governance, risk, and compliance management
- Understanding writing policies, procedures, and controls in one or more standards/frameworks
- Background working with security teams performing vulnerability scanning and PEN testing
- Familiarity with network security methodologies and in-depth defense strategies
Vacancy expired!