What are the responsibilities and job description for the Information Security Compliance Specialist position at FGS?
Freedom, a national Direct Mail Company, is one of the largest, independently owned, privately held, direct mail marketing providers in the United States. Why Freedom? Because we are a leader in the direct mail space, investing in technology and resources to facilitate innovative ideas. We are looking for a detail-oriented and knowledgeable Information Security Compliance Specialist to join our team.
The ideal candidate will be responsible for ensuring that our organization adheres to relevant information security regulations, standards, and best practices. This role involves conducting audits, managing compliance programs, and collaborating with various departments to promote a culture of security and compliance.
Key Responsibilities:
- Compliance Management:
  - Develop, implement, and maintain information security compliance programs in alignment with industry standards and regulations (e.g., HIPAA, PCI-DSS).
  - In conjunction with our consulting firm, monitor changes in laws and regulations that may impact the organization’s compliance status.
- Risk Assessment and Auditing:
  - Conduct and participate in regular compliance audits and assessments to evaluate the effectiveness of security controls and identify areas for improvement.
  - Prepare audit reports and present findings to management, along with recommendations for remediation.
- Policy Development and Implementation:
  - Assist in the development and enforcement of information security policies, procedures, and guidelines.
  - Ensure that policies are communicated effectively across the organization and that employees understand their responsibilities.
- Training and Awareness:
  - Develop and deliver training programs to educate employees on compliance requirements and best practices in information security.
  - Promote a culture of compliance and security awareness throughout the organization.
- Collaboration and Communication:
  - Work closely with IT, legal, and other departments to ensure compliance with security policies and regulations.
  - Serve as a point of contact for compliance-related inquiries and provide guidance on security best practices.
- Incident Management:
  - Assist in the investigation of compliance-related incidents and breaches, ensuring that appropriate corrective actions are taken.
  - Maintain documentation of compliance incidents and remediation efforts.
- Documentation and Reporting:
  - Maintain accurate records of compliance activities, audits, and assessments.
  - Prepare reports for management and regulatory bodies as required.
Required Skills and Qualifications:
- A degree or certification in Information Security, Information Technology, Business Administration, or a related field.
- Practical experience in information security compliance, risk management, or a related area.
- In-depth knowledge of at least one major security and regulatory framework (e.g., NIST, ISO 27001, COBIT, PCI DSS, HITRUST).
- Excellent analytical, organizational, and problem-solving skills.
- Strong communication and interpersonal skills, with the ability to work collaboratively across departments.
- Certifications are a plus but not required (e.g., CISA, CISM, CRISC, CISSP).
This full-time position includes the following benefits:
- Medical coverage
- Dental and Vision coverage
- Flexible Spending Account (FSA)
- 401(k) savings plan with company match
- Paid Vacation
- Paid Holidays