The Information Security Risk & Compliance Manager interprets regulatory and compliance requirements and works closely with the Information Security Operations Manager to ensure appropriate control implementation. The position is also responsible for the development, oversight, and continuous improvement of the overall information security program.
Internally, this position is responsible for:
- Developing and implementing information security policies and procedures.
- Leading and/or contributing to projects related to information security.
- Security incident management.
- Working with audit teams to demonstrate compliance.
- Adhering to and advocating the adoption of industry best practices.
- Assessing information risk to guide security control selection and implementation.
Externally, this position is responsible for:
- Coordinating/facilitating audits/reviews by external agencies or stakeholders.
- Managing vendor relationships and performing due diligence.
- Bachelor of Science degree in computer science, or related degree; or
- 10 years of related work experience.
- Demonstrated experience developing and implementing a formal information security program.
- Five or more years’ experience in the evaluation and implementation of security controls related to FISMA compliance, including the application of NIST SP 800-53.
- Experience implementing or employing information risk management and treatment.
- Demonstrated ability to translate complex security language into understandable concepts for business and IT staff.
- Demonstrated ability to facilitate discussion to identify the right level of control.
- Demonstrated ability to work across teams and build consensus.
This position is based in Indianapolis, Ind.
Please reference requisition number 0143 in your application.
Position deadline is April 15, 2016.
If you are interested in applying for this position, please submit your resume to the Dir. Human Resources at firstname.lastname@example.org