Security Compliance Assessment Advisor
Job Description:
Responsibilities:
- Conduct thorough evaluations of information security controls to identify potential threats and vulnerabilities to the System's information systems.
- The process includes a detailed review of security controls, policies, and procedures to prioritize risks and recommend enhancements that support organizational security goals.
- Reviews data and assists in advising districts on best practices and how to implement the necessary changes to address their business and information security needs.
- Key participant in project development surrounding new processes and the integration of new processes with existing ones.
- Assists in developing communications of these changes to impacted clients and other resources.
- Performs other related duties as assigned.
Working Conditions:
- Will require the use of standard office equipment such as computers, phones, photocopiers, etc.
- Physical Demands: Requires some degree of sitting (for prolonged periods of time) and standing. Due to the nature of the job, the candidate should be able to lift 20 pounds with assistance.
- Hours of Work:
- May require extended work hours.
- The ideal candidate will work a hybrid schedule and be in a district office two days a week.
- Occasional travel including overnight stays may be necessary.
Required Qualifications:
- Bachelor’s degree in Computer Science, Information Security, or equivalent experience with 3 to 5+ years of relevant work experience.
- Proven experience with conducting security assessments.
- Knowledge of compliance frameworks and continuous authorization processes.
- Excellent communication skills and the ability to work collaboratively.
- Reviewing data and advising customers on SAFR requirements and best practices.
- Building strong collaboration and negotiation relationships.
- Possesses creativity and attention to detail.
- Understands and applies the risk management discipline in decision making and contributes to the functional area’s risk management.
Preferred Qualifications:
- Certifications such as CISSP, CISA, CISM.
- Experience in a policy and assurance or quasi-governmental environment.
- Familiarity with cloud service providers and associated security challenges.
- Knowledge of SAFR lifecycle compliance and testing.
- The candidate must possess skills that include experience with:
- Reviewing data and advising customers on SAFR requirements and best practices.
- Building strong interpersonal collaboration, negotiation, creativity, attention to detail, and communication relationships.