DuCharme McMillen & Associates Inc
Associate Security Engineer
DuCharme McMillen & Associates Inc, Fort Wayne, Indiana, United States, 46804
Why are long tenures and low turnover rates the norm at DMA? When you are an employee owned company, you are all about your employees, and here is proof:2024 Great Places to Work CertifiedEmployee stock ownership program eligibility begins day one of employment. ESOP contribution is targeted at 6% of your annual compensation.Company paid Paternity & Maternity Leave.Generous PTO package plus 2 paid floating holidays and 1 day of paid volunteer time off.Multiple benefit plans, eligible day one of employment."Live and work like a DMA Employee-Owner": We focus on work/life balance, mental health, and the overall wellness of our employees.*This position will be hybrid out of our Fort Wayne, IN office. The requirement is to work in the office three days per week.*Position Summary
DMA is seeking a detail-oriented Associate Security Engineer to join our IT Security team, focusing on compliance-related activities. The ideal candidate will assist with the implementation and maintenance of compliance standards, including ISO 27001 and SOC 2 certification. Additionally, they will provide support in responding to client security questionnaires and reviewing master service agreements (MSAs). This role requires strong organizational skills, a collaborative attitude, and the ability to work effectively with various teams and external clients to ensure DMA's compliance with industry standards and client requirements.Essential Duties and Responsibilities
Assist with ISO 27001 and SOC 2 Certification:
Support the development, implementation, and maintenance of ISO 27001 and SOC 2 controls and documentation.Collaborate with internal stakeholders to ensure that compliance requirements are integrated into IT security policies and practices.Participate in internal audits and risk assessments to identify and address gaps in compliance.
Client Security Questionnaires:
Review and complete security questionnaires from clients, ensuring accurate and timely responses.Coordinate with various teams to gather necessary information and validate responses to meet client expectations.
Master Service Agreements (MSAs):
Assist in reviewing MSAs from a security and compliance perspective, ensuring terms align with DMA's security policies and compliance standards.Collaborate with legal and client teams to negotiate and clarify security clauses and requirements.
Documentation and Reporting:
Maintain up-to-date documentation of compliance efforts, including audit reports, risk assessments, and other related materials.Generate reports on compliance status, progress towards certification, and other relevant metrics.
Continuous Improvement:
Stay current with industry standards, best practices, and regulatory requirements related to ISO 27001, SOC 2 and other relevant compliance frameworks.Identify opportunities to streamline compliance processes and enhance DMA's security posture.
Additional Duties:
Assist with other security initiatives and projects as needed to support the overall IT security team.Perform other duties as assigned
Education and QualificationsBachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field preferred.1-3 years of experience in IT security, compliance, or a related field.Familiarity with ISO 27001 standards and certification processes.Strong verbal and written communication skills, with the ability to effectively interact with internal teams and external clients.Excellent organizational skills and attention to detail.Ability to work both independently and collaboratively within a team environment.Strong problem-solving skills and the ability to handle multiple projects simultaneously.Ability to maintain confidentiality and work in a high-stress environment.Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. This position does not qualify for employment-based sponsorship.
#LI-JS1
#LI-HYBRID
DMA is seeking a detail-oriented Associate Security Engineer to join our IT Security team, focusing on compliance-related activities. The ideal candidate will assist with the implementation and maintenance of compliance standards, including ISO 27001 and SOC 2 certification. Additionally, they will provide support in responding to client security questionnaires and reviewing master service agreements (MSAs). This role requires strong organizational skills, a collaborative attitude, and the ability to work effectively with various teams and external clients to ensure DMA's compliance with industry standards and client requirements.Essential Duties and Responsibilities
Assist with ISO 27001 and SOC 2 Certification:
Support the development, implementation, and maintenance of ISO 27001 and SOC 2 controls and documentation.Collaborate with internal stakeholders to ensure that compliance requirements are integrated into IT security policies and practices.Participate in internal audits and risk assessments to identify and address gaps in compliance.
Client Security Questionnaires:
Review and complete security questionnaires from clients, ensuring accurate and timely responses.Coordinate with various teams to gather necessary information and validate responses to meet client expectations.
Master Service Agreements (MSAs):
Assist in reviewing MSAs from a security and compliance perspective, ensuring terms align with DMA's security policies and compliance standards.Collaborate with legal and client teams to negotiate and clarify security clauses and requirements.
Documentation and Reporting:
Maintain up-to-date documentation of compliance efforts, including audit reports, risk assessments, and other related materials.Generate reports on compliance status, progress towards certification, and other relevant metrics.
Continuous Improvement:
Stay current with industry standards, best practices, and regulatory requirements related to ISO 27001, SOC 2 and other relevant compliance frameworks.Identify opportunities to streamline compliance processes and enhance DMA's security posture.
Additional Duties:
Assist with other security initiatives and projects as needed to support the overall IT security team.Perform other duties as assigned
Education and QualificationsBachelor's degree in Computer Science, Information Technology, Cybersecurity, or a related field preferred.1-3 years of experience in IT security, compliance, or a related field.Familiarity with ISO 27001 standards and certification processes.Strong verbal and written communication skills, with the ability to effectively interact with internal teams and external clients.Excellent organizational skills and attention to detail.Ability to work both independently and collaboratively within a team environment.Strong problem-solving skills and the ability to handle multiple projects simultaneously.Ability to maintain confidentiality and work in a high-stress environment.Must be authorized to work in the U.S. without the need for employment-based visa sponsorship now or in the future. This position does not qualify for employment-based sponsorship.
#LI-JS1
#LI-HYBRID