Logo
TSA Group

Information Security Officer

TSA Group, Los Angeles, California, United States,


TSA is an Australian-owned business specializing in helping companies acquire, retain and grow their consumer customer bases. We represent some of the country's largest brands, across eight call centres in Australia and internationally.We’re a purpose driven business and our mission is clear. We endeavor to create experiences that people love, by revolutionizing the way they connect and communicate with brands.What should you expect from this role?Competitive Salary PackageOnsite Work Set UpMonday to Friday shift (9AM - 6PM)2 Full time Roles AvailableJob Description

The Information Security Officer will plan, implement, upgrade, and monitor security protocols for the protection of the TSA’s computer networks and information.The Information Security Officer will foster collaboration between IT and business units, ensuring compliance in Technology programs and projects, and working closely with Internal and External Audit teams throughout the process. They will also manage the process of gathering, analysing, and assessing information security and privacy threats while maintaining and monitoring evolving security best practices.Information Security Officer will be responsible for overseeing information security, cybersecurity and IT risk management programs based on industry-accepted information security and risk management frameworks. This individual will be an integral part of the Information Technology organisation reporting directly to the VP of Engineering to help improve and communicate the maturity levels of information security, state of cybersecurity and IT risk practices across TSA.ResponsibilitiesDocument controller- Collate and organise documents related to compliance against international standards and regulatory requirements.- Engage with ISMS stakeholders and other business unit heads and representatives in collecting pertinent documents.- Manage documents and track versions, changes, and revisions according to emerging trends, regulatory and industry standard requirements.Compliance management- Work with the information security team in performing gap analysis, policy and procedure development.- Review and assess compliance of initiatives against adopted standards of the organisation (ISO 27001:2022, PCI DSS, etc.).- Review and assess compliance requirements against regulations of Office of the Australian Information Commissioner (OAIC), National Privacy Commission (NPC) for the Philippines, and Office of the Privacy Commissioner (OPC) for New Zealand.- Review and assess compliance requirements against other pertinent regulations such as GDPR and other similar privacy and security regulations, and international standards such as CIS Controls, NIST CSF 2.0, NIST RMF, and other similar standards.Governance and risk management- Assist the information security team in engaging with ISMS stakeholders of the TSA security governance program initiatives and requirements.- Assist the information security team in third-party risk management and other pertinent process and procedures related to managing security risks over vendors and third-party service providers.- Perform risk assessments and risk reviews pertinent to the ISMS according to ISO 27001, PCI DSS and other relevant security and privacy standards.- Provide security awareness to all employees by means of presentations, communications and other methodologies adopted by TSA and provide recommendations for strengthening and ensuring delivery of the security awareness campaign.Security Incident management- Work with the information security team in reviewing, revising, and developing incident response plan and playbook.- Regularly perform preparations and capability assessments and testing of incident response of TSA.- Collaborate with information security team and IT specialists and engineers in determining areas for improvement with regards to incident response handling.Cyber threat intelligence and vulnerability management- Perform threat intelligence through OSINT and other open-source methodologies.- Assist the information security team in preparation and planning VAPT and red teaming activities.- Develop, collate, and manage related documents in threat and vulnerability management.Qualifications

BS IT, IS, Comsci, or other related tech or security courses or equivalent trainings and experience.Must have at least 3 years of experience as a SOC analyst, security analyst, GRC analyst, IT audit or similar experience.Desired certifications or certificate (Certificate of course completion are considered):- CompTIA Security+- CCNA Security- ISO 27001 LI / LA- ISC2 CC or SSCP- ISACA CSX-P, CCOA- Higher certifications will be greatly considered

but not necessarily required

(CISSP or associate of ISC2, CISA, CISM, GCIH, or similar).Desired skills and knowledge:- Security risk management- Project management- IT or IS auditing- Incident response- ISO 27001 foundation, implementation and/or auditing- Threat intelligence and/or knowledge in threat hunting and threat modelling- Familiar with security and network tools such as CrowdStrike.Additional Information

At TSA, the health, safety and well-being of our team is our number one priority! In response to the COVID-19 pandemic we have introduced a number of robust practices to keep our team safe, such as physical distancing measures, control measures for our visitors, temperature testing, isolation requirements where applicable and so much more.We take our responsibility to protect the health and well-being of our team and our community very seriously.IMPORTANT : The Inter-Agency Task Force for the Management of Emerging Infectious Diseases (IATF) issued Resolution No. 148-B which states that, effective December 1, 2021, all employees reporting on-site must be vaccinated against COVID-19. If you have questions regarding this guideline, please make sure to discuss this with our Recruitment Team during job offer.

#J-18808-Ljbffr