Job Summary:
We are seeking an experienced IT Security Administrator to ensure the protection and integrity of our organization's information systems. This role requires a thorough understanding of industry standards and regulations including SOC2, PCI-DSS, ISO, HIPAA, HITRUST, SAS70 T2, NIST, and COBIT. The ideal candidate will be responsible for developing, implementing, and maintaining robust administrative, technical, and physical controls to safeguard sensitive data and mitigate risks effectively.
Key Responsibilities:
- Develop, implement, and enforce security policies, procedures, and controls in alignment with SOC2, PCI-DSS, ISO, HIPAA, HITRUST, SAS70 T2, NIST, and COBIT standards.
- Conduct regular audits and assessments to evaluate compliance with regulatory requirements and identify areas for improvement.
- Create and maintain documentation of security policies, procedures, incident response plans, and other relevant documentation.
- Monitor security systems and networks for suspicious activities or potential breaches and respond promptly to security incidents.
- Collaborate with cross-functional teams to integrate security best practices into IT infrastructure and business processes.
- Stay abreast of emerging threats and vulnerabilities and recommend proactive measures to enhance security posture.
- Provide guidance and training to employees on security awareness and protocols to foster a culture of security awareness.
- Participate in risk assessments and assist in the development of disaster recovery and business continuity plans.
- Coordinate and support external audits and assessments, ensuring adherence to regulatory standards and contractual obligations.
- Lead security aspects of the vendor management program.
- Act as a liaison with external regulatory bodies, auditors, and vendors on matters related to information security.
- Conduct customer security assessments and manage remediation.
Qualifications and Required Skillsets:
- Bachelor’s degree in Information Technology, Computer Science, or related field.
- Preferred certifications: CISA, CISM, CISSP, or equivalent.
- 3 years of experience in IT security administration, with a strong understanding of SOC2, PCI-DSS, ISO, HIPAA, HITRUST, SAS70 T2, NIST, and COBIT.
- Required proficiency in security technologies, tools, and methodologies such as Tenable and Nessus.
- Experience with development of disaster recovery and business continuity plans.
- Proven track record of successfully managing security incidents and implementing security controls.
- Strong communication and interpersonal skills, with the ability to collaborate effectively with internal and external customers.
- Excellent analytical and problem-solving skills, with a keen attention to detail.
- Strong ability to work independently and prioritize tasks in a fast-paced environment.
- Ability to work effectively both independently and as part of a team. Flexibility to accommodate 24/7 operations and on-call duties.