Summary:
• Manages IT and company compliance issues. Produces detailed documentation including data flow diagrams, logical diagrams, and physical diagrams as required.
• Provides identity management and access control expertise for system, network, and application designs and architectures.
• Works across Network, Infrastructure, and Systems Administration functions to implement controls and best practices.
• Works as a liaison between IT and Operations Technology to ensure full and complete implementation of security controls, standards, and policies.
• Assists IT and Operations Technology with remediation planning and implementation.
• Establishes and tests new and existing internal controls.
• Develops prioritized initiatives to address findings from both internal testing and from SOC.
• Works with Development to define and adhere to secure coding practices.
• Maintains all cybersecurity, IT Risk and Compliance, cyber insurance and other key documents (SSAE 16, SOC 1, WISP, Disaster Recovery, et al.).
• Assists with development of the company’s Asset Management processes and procedures.
• Creates KPIs, metrics, dashboards and reporting to measure the performance of the security organization.
• Commitment to safety begins with management. Managers and frontline supervisors are accountable for creating and maintaining a culture of Safety and assuring a safe work environment.
Relocation expenses are not covered by the client.
No work visa option.
Start Date:
Required Skills:
• Analytical skills and the ability to organize work in a logical, thorough, and succinct manner.
• Flexibility to adapt to changing assignments and ability to effectively prioritize.
• Effective with written and verbal English communications at all levels, providing compliance guidance to project teams, management, and business partners.
• Demonstrated ability to operate and innovate in a small team with a fast-paced environment, balancing both strategic and tactical needs.
• PCI DSS
• SSAE 16
• SOC 1
• State and Federal Data Privacy Regulations (as applicable)
• Cloud Security
Plus-Skills:
• Bachelor's degree in information technology or equivalent plus 5+ years of related work experience with IT Risk Management, or an equivalent combination of education and work experience.
• Good understanding of risk management principles, regulatory requirements, and industry best practices.
• Good understanding of General IT Controls and Data Privacy Regulations; previous auditor experience a plus.
• Good understanding of IT systems and controls including Web systems, e-commerce, data centers, network infrastructure, patching, access controls, databases, cloud systems, etc.
Location:
Boston, MA
Position Type:
Direct Hire Position
Salary:
Up to $120k (based on experience and skills)