Golden Technology
IT Security, Risk & Compliance Manager
Golden Technology, Cincinnati, Ohio, United States, 45208
Our client is looking for an IT Security, Risk and Compliance Manager to join their team! Responsibilities in this role will include:
Developing and recommending security policies, standards, procedures and controls for maintaining data security Conducting reviews to measure compliance with NIST, PCI, and ISO standards, regulations and frameworks Monitoring compliance with state, federal and international laws regarding data privacy and security breaches Developing a security strategy, security awareness program, security architecture, and security incident response Developing and maintaining up-to-date security policies, standards and guidelines Oversee training and dissemination of security policies and practices Coordinating information security efforts of all internal IT groups, to ensure that organization-wide information security efforts are consistent across the organization, and that duplication of effort is minimized Managing audit gaps, identifying those within IT, and responsible for remediating or closing audit findings, negotiating dates for closure, and track/report progress Assist management in conceptualizing all compliance related risks that the organization faces, and how best to deal with these risks using an integrated risk management approach Provide strategic risk guidance for IT projects, including evaluation and recommendation of technical controls Perform other duties as assigned Up to 10% travel required Top skills you need to have:
Broad knowledge of information technology governance practices including risk, audit, policy and standards development, metrics development, and education and training Strong knowledge of, and experience working in, industry-wide information security frameworks, including ISO 27001 and NIST Strong organizational skills Strong project management and people management skills Self-Starter requiring minimal supervision or direction Ability to motivate and lead technical teams Excellent written and verbal communication skills Exposure to MS Word, MS Project, SharePoint and associated processes and tools Bachelor's Degree or 5+ years of experience in the field or in a related area is required Desired Skills:
Experience creating and managing policies and controls around PCI, HIPPA and Privacy. Experience creating and managing a security awareness program, including education and simulated phishing. Experience managing security audits and coordinating with partners conducting the audits and addressing any audit gaps. Knowledge of policies and regulations including NIST, PCI, ISO, HIPPA and privacy. Self-Starter requiring minimal supervision or direction.
About Golden Technology
Golden Technology was founded in 1997 with the goal of developing people and driving innovation. In other words, our aim is to pair world-class technologists like you with amazing companies that are doing impactful work.
After an initially slow start, and way too many late nights playing Final Fantasy 7, Golden Technology built a unique recruiting engine that would quickly prove itself to deliver top-tiered talent to fortune 500 clients across the US, time and time again.
Golden Technology has built a culture around family and helping the people we touch succeed in both their work and personal lives. Oh, everyone says that? Try us, you'll see it.
We're helping people find their calling and their dream jobs; and through our Golden Community initiatives we are actively working to improve the communities in which we work, live, and play.
Developing and recommending security policies, standards, procedures and controls for maintaining data security Conducting reviews to measure compliance with NIST, PCI, and ISO standards, regulations and frameworks Monitoring compliance with state, federal and international laws regarding data privacy and security breaches Developing a security strategy, security awareness program, security architecture, and security incident response Developing and maintaining up-to-date security policies, standards and guidelines Oversee training and dissemination of security policies and practices Coordinating information security efforts of all internal IT groups, to ensure that organization-wide information security efforts are consistent across the organization, and that duplication of effort is minimized Managing audit gaps, identifying those within IT, and responsible for remediating or closing audit findings, negotiating dates for closure, and track/report progress Assist management in conceptualizing all compliance related risks that the organization faces, and how best to deal with these risks using an integrated risk management approach Provide strategic risk guidance for IT projects, including evaluation and recommendation of technical controls Perform other duties as assigned Up to 10% travel required Top skills you need to have:
Broad knowledge of information technology governance practices including risk, audit, policy and standards development, metrics development, and education and training Strong knowledge of, and experience working in, industry-wide information security frameworks, including ISO 27001 and NIST Strong organizational skills Strong project management and people management skills Self-Starter requiring minimal supervision or direction Ability to motivate and lead technical teams Excellent written and verbal communication skills Exposure to MS Word, MS Project, SharePoint and associated processes and tools Bachelor's Degree or 5+ years of experience in the field or in a related area is required Desired Skills:
Experience creating and managing policies and controls around PCI, HIPPA and Privacy. Experience creating and managing a security awareness program, including education and simulated phishing. Experience managing security audits and coordinating with partners conducting the audits and addressing any audit gaps. Knowledge of policies and regulations including NIST, PCI, ISO, HIPPA and privacy. Self-Starter requiring minimal supervision or direction.
About Golden Technology
Golden Technology was founded in 1997 with the goal of developing people and driving innovation. In other words, our aim is to pair world-class technologists like you with amazing companies that are doing impactful work.
After an initially slow start, and way too many late nights playing Final Fantasy 7, Golden Technology built a unique recruiting engine that would quickly prove itself to deliver top-tiered talent to fortune 500 clients across the US, time and time again.
Golden Technology has built a culture around family and helping the people we touch succeed in both their work and personal lives. Oh, everyone says that? Try us, you'll see it.
We're helping people find their calling and their dream jobs; and through our Golden Community initiatives we are actively working to improve the communities in which we work, live, and play.