Job Details

Senior Information Security & Compliance Engineer Posted on: 28/03/2019

Infinity Consulting Solutions, Inc
  • 10 to 12 Year(s)
  • RESTON-20598, VA, US


  • Job Description

    The Senior Engineer, Information Security Governance, Risk, and Compliance supports an enterprise-wide information security governance, risk, and compliance program and provides leadership for a variety of high-visibility initiatives.

    Primary Responsibilities:

    Lead efforts to manage internal information-security controls, including: documenting, providing recommendations for, analyzing, and assessing technical and management security control narratives and controls across the enterprise based on the latest AICPA Trust Services Criteria.

    Required to provide expert-level input and recommendations for process and control changes to meet external audit and operational requirements

    Provide leadership in audit liaison activities for a variety of external assessments against various compliance frameworks.

    Provide expert-level advice and guidance to a variety of control owners

    Report to senior management about the effectiveness of data security, and make recommendations for the adoption of new procedures, controls, and/or technologies

    Manage less experienced team members to foster professional development and promote internal knowledge sharing

    Required Skills:

    10+ years’ experience in information security audit, compliance, risk, and project management

    Bachelor’s degree in computer science or a related field, or equivalent work experience, required

    Subject matter expertise in translating applicable security frameworks, industry best practices, and international laws and regulations into control requirements

    Serve as a subject matter expert to internal security, privacy, and compliance stakeholders on specific topics/issues to enhance the establishment of the overall security control framework

    An ability to quickly complete assigned tasks from senior management with little or no supervision

    Manage multiple projects simultaneously across many areas related to information security

    Thorough understanding and knowledge of SOC Audits and associated AICPA Trust Services Criteria and NIST SP 800-53 Controls (latest revision)

    Experience with, and strong understanding of, most of the following security compliance frameworks, controls, and best practices: SOC Audits and AICPA Trust Principles, NIST SP 800-53 Controls (latest revision)

    Professional security management certification in one or more of the following areas: Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA)

  • Information Architect
    Information Technology
  • No Preference
    FullTime Job
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205, NEW YORK-10018, NY, US