Purple Box
Information Security Risk and Compliance
Purple Box, Atlanta, Georgia, United States, 30383
Company Description
PurpleBox is the leading technology consulting company that focuses on solving business problems utilizing new technologies. We provide Cybersecurity, Cloud Computing, and DevOps consulting services that help businesses manage their business risk more effectively.
Job Description
Multiple Information Security Risk and Compliance Positions are available.Entry-level to mid-senior levelInternship, Part-Time, Full TimeWe are seeking to hire multiple Information Security, Risk, and Compliance professionals to work with our customers on risk assessment, compliance, and cybersecurity projects. As part of project delivery teams, these professionals are responsible for the execution, monitoring, and enforcement of the information security governance, risk management, and compliance projects. The successful candidate will oversee day to day execution of operational information security risk and compliance initiatives at PurpleBox and/or our clients.
Responsibilities:
Manage and execute the day-to-day information security risk and compliance operational activitiesDevelop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organizationIdentify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholdersCommunicate regularly with teams and staff as part of risk assessments, follow-up on open issues, status tracking, and other miscellaneous items.Independently design, recommend, plan, develop, and support implementation of project-specific security solutions to meet requirementsManage remediation of identified risks and vulnerabilities; identify those within the organization responsible for remediation tasks; track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituentsProvides regular reporting metrics on the current state of the program.Other duties as assignedQualifications
Bachelor's degree in Computer Science, Information Technology, Business Administration, or related fieldExperience in information security risk assessment, compliance and/or security operationsPrevious experience in one or more of the areas below is a plus:IT Security Strategy and ManagementRisk Management, IT Audit, and ComplianceNetwork, System, Database administration, support and/or help-desk experienceApplication Security, Software DevelopmentSecurity Monitoring, Data Loss Prevention, Incident ResponseExcellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.Strong analytical skills to analyze security requirements and relate them to appropriate security controls.Working knowledge of relevant security regulations, standards and frameworks, including SOC2, ISO27000, PCI, HIPAA, and NIST CSF.
Professional certifications such as CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor) or other similar credential is a plus.
Additional Information
All your information will be kept confidential according to EEO guidelines.
PurpleBox is the leading technology consulting company that focuses on solving business problems utilizing new technologies. We provide Cybersecurity, Cloud Computing, and DevOps consulting services that help businesses manage their business risk more effectively.
Job Description
Multiple Information Security Risk and Compliance Positions are available.Entry-level to mid-senior levelInternship, Part-Time, Full TimeWe are seeking to hire multiple Information Security, Risk, and Compliance professionals to work with our customers on risk assessment, compliance, and cybersecurity projects. As part of project delivery teams, these professionals are responsible for the execution, monitoring, and enforcement of the information security governance, risk management, and compliance projects. The successful candidate will oversee day to day execution of operational information security risk and compliance initiatives at PurpleBox and/or our clients.
Responsibilities:
Manage and execute the day-to-day information security risk and compliance operational activitiesDevelop and recommend appropriate information security policies, standards, procedures, checklists, and guidelines using generally recognized security concepts tailored to meet the requirements of the organizationIdentify and document specific security issues, propose resolution options, and interpret matters from the perspective of involved stakeholdersCommunicate regularly with teams and staff as part of risk assessments, follow-up on open issues, status tracking, and other miscellaneous items.Independently design, recommend, plan, develop, and support implementation of project-specific security solutions to meet requirementsManage remediation of identified risks and vulnerabilities; identify those within the organization responsible for remediation tasks; track progress on remediation of identified risks and vulnerabilities and provide appropriate reporting to all constituentsProvides regular reporting metrics on the current state of the program.Other duties as assignedQualifications
Bachelor's degree in Computer Science, Information Technology, Business Administration, or related fieldExperience in information security risk assessment, compliance and/or security operationsPrevious experience in one or more of the areas below is a plus:IT Security Strategy and ManagementRisk Management, IT Audit, and ComplianceNetwork, System, Database administration, support and/or help-desk experienceApplication Security, Software DevelopmentSecurity Monitoring, Data Loss Prevention, Incident ResponseExcellent written and verbal communication skills, interpersonal and collaborative skills, and the ability to communicate security and risk-related concepts to technical and nontechnical audiences.Strong analytical skills to analyze security requirements and relate them to appropriate security controls.Working knowledge of relevant security regulations, standards and frameworks, including SOC2, ISO27000, PCI, HIPAA, and NIST CSF.
Professional certifications such as CISM (Certified Information Security Manager), CISA (Certified Information Systems Auditor) or other similar credential is a plus.
Additional Information
All your information will be kept confidential according to EEO guidelines.