OVERVIEW OF POSITION:
Under general supervision, will assume responsibility for performing risk and compliance tasks and assessments of IT processes and systems. Provides support for information security processes; operates other software to assess vendor security & privacy, provides audit and regulatory support, and produces policy and standards documents. Performs regular access reviews for critical systems. Plays a crucial role in protecting an organization’s information systems by identifying and mitigating potential security risks. Maintains the security and integrity of an organization’s information systems.
Starting Salary Range: $66k - 82k / year
ResponsibilitiesESSENTIAL FUNCTIONS:
Assists with the implementation of the corporate information security governance and compliance efforts(e.g., NIST, CIS Controls, SSAE16/SOC, HITRUST, etc.)Performs internal security and privacy compliance assessments based upon identified controls.Performs security assessments for third party vendor or partner relationships with the ability to read and
assess compliance documents such as SOC2 and HITRUST attestations or certifications.Assists in developing and implementing security program governance, compliance frameworks, processes,
policies, standards, and work instructions.Performs other duties as assigned.Provides KPIs, metrics and recurring reports to management.Participates in the implementation and continuous improvement of the ESSC Security Program.Participates in Incident Response and Disaster Recovery planning and exercises.Performs regular access reviews for critical business systems. Qualifications
EDUCATION:
Security +, CISA, CISSP, CISM or other information security certifications preferred.Bachelor’s Degree: Typically, in Information Technology, Business, or a related field is preferred.EXPERIENCE:
2-5 years of experience in Information Security/Compliance.Experience with information security, internal & external audits, contract compliance, and qualityinitiatives.Experience driving compliance-related activities such as SOC2 readiness & audit support.
KNOWLEDGE, SKILLS, ABILITIES:
Must pass all drug testing required by ESSC and if required, a post-offer physical evaluation.Ability to obtain and maintain a criminal record/fingerprint clearance from the Department of Justice andFederal Bureau of Investigation, per Easterseals of Southern California and/or program requirements.Understanding and application of security best practices, risk management, regulatory, contractual, and
relevant statutory requirements (HIPAA, CIS Critical Controls, NIST, ISO 27001/2, SOC2).Knowledge of applicable laws and practices relating to information privacy and security.Firm understanding of risk management principles.Demonstrated knowledge of business software and hardware, knowledge of security related applications,
familiarity with ticketing systems, and strong customer service and organizational skills. Options Apply for this job onlineApplyShareEmail this job to a friendRefer Sorry the Share function is not working properly at this moment. Please refresh the page and try again later. Share on your newsfeed Application FAQs
Software Powered by iCIMS
www.icims.com