Vacancy caducado!
Summary
Perform compliance and risk assessment activities for information systems and related processes. Communicate and escalate compliance and risk issues to the appropriate department.This position requires a C2 security clearance which requires US Citizenship to obtain. (Must already have a current clearance) Description •30% Demonstrate competency in monitoring remediation of new and outstanding issues, as well as Security Risk Exceptions, within at least one business area. Identify and report on areas of non-compliance.•20% Conduct procedural and operational review of information security processes and system controls against corporate, government and /or internal compliance standards.•20% Participate in the development, implementation and documentation of Information Security policies, procedures, processes and programs to guide the organization toward continuous compliance. With guidance from more experienced personnel, analyze and interpret security regulations and controls to advise on approaches within a single business area.•10% Participate in internal or external audits for simple to moderate control processes or business area.•10% With guidance from more experienced personnel; investigate, document and resolve Information Security Incidents.•10% Research emerging security topics, threats and capabilities to recommend policy and governance updates. Assist in the development of security training, Security Council bulletins, security policies, standards and best practices to share organizationally.Required Education:- Bachelor's Degree in Computer Science, Information Technology or related degree.
- or 4 years of job related work experience
- or 2 years of job related experience plus an associate's degree in Computer Science, Information Technology or other job related degree.
- 4 years of I/T experience including 2 years of IT security, risk assessment and/or compliance experience.
- Successful completion of BCBSSC I/S Entry Level Training Program (ELTP) may be substituted for 2 years of I/T experience.
- Basic understanding of System Development Life Cycle methodologies.
- Good understanding of risk management, information system security and compliance standards.
- Proven analytical skills.
- Strong written, verbal and diplomacy skills.
- Strong communication and interpersonal skills.
- Ability to adapt to shifting priorities, demands and timeliness.
- Ability to multi-task.
- Ability to work independently or in a team environment.
- Familiarity with CMS Data Call Processes
- Familiarity with ARS Control Standards
- Familiarity and good working knowledge of Application Development Life Cycle
- ISC2 Certified Authorization Professional (CAP).
Vacancy caducado!