Job Title : IT Security Specialist
Why work at OpTech?
OpTech is a woman-owned company that values your ideas, encourages your growth, and always has your back. When you work at OpTech, not only do you get health and dental benefits on the first day of employment, but you also have training opportunities, flexible / remote work options, growth opportunities, 401K and competitive pay. Apply today! To view our complete list of openings, please visit our website at www.optechus.com .
SUMMARY :
- The EIS Compliance / Governance Analyst will be responsible for assisting in the responsibilities of executing the security framework compliance / governance activities and requirements for Our Client.
- Day-to-day responsibilities will also include documenting adherence to governance requirements across policies / standards, procedures, controls, compliance, training and awareness, and preparing metrics / KPIs and reporting materials.
- This role will report to the EIS ESF Manager.
RESPONSIBILITIES :
Evaluate the design and operation effectiveness of Business / IT operations against the HITRUST CSF and identify areas of improvementInterview SMEs, examine evidence documentation, analyze and perform testingLearn the company functions / processes by conducting process walk throughsAnalyze root cause of issues, provide recommendations for process improvements and risk mitigation based on assessment findingsCollaborate with cross-functional teams to mitigate risks and ensure compliance with HITRUST CSFDeliver effective and concise documentation that meets HITRUST quality standardsPrepare and provide reporting such as dashboards and metrics, on various areas of performance, issue analysis and assessment statusesUtilize GRC tools to effectively manage assessment remediation plans and documentationServe as a HITRUST subject matter expertParticipate and provide support during audits, assessments, or other required third-party reviewsSupport initiatives / projectsBuild relationships internally to foster a culture of teamwork and collaborationQUALIFICATIONS :
Top 3 Required Skills / Experience :
At least 3-5 years of work experience in Information Security, IT general controls, IT compliance, IT Assessments and / or IT audit experience as well as knowledge and understanding of governance, risk, complianceKnowledge of security and risk frameworks, standards, best practices (e.g., HITRUST CSF, NIST CSF, ISO / IEC 27001, COBIT)Self-starter with effective written and verbal communication skills along with strong critical thinking skillRequired Skills / Experience :
Effective written and verbal communication skills and the ability to tailor communication style to the audience at handExperience in coordination and execution of the audit lifecycle, including evidence collection, review, observation tracking, management response collection and auditor relations and communicationStrong demonstration of problem-solving and decision-making abilityExperience working on testing of IT controls across systems, databases, applications and operating systemsStrong ability to frame and deliver messages based on experience and level of the listenerStrong critical thinking skills to actively pursue opportunities to develop and implement solutions to solve work problemsMust be able to solve problems, handle conflict, and make effective decisions under pressure with a highly professional demeanorStrong organizational skillsStrong ability to adjust to changing priorities while multitasking effectivelySelf-directed and works with minimal guidanceProactively seeks guidance when neededEducation / Certifications - Include :
Undergraduate university degree (4-year) preferred but not requiredMasters (e.g., MBA, MSIS, MIS, etc.) degree preferred but not requiredFive (5) years of combined IT experience to include two (2) years IT security workExperience in Information Security, IT general controls, IT compliance, IT assessments and / or IT audit experienceCertified Information Systems Security Professional (CISSP), CISA, CPA / CA, CISM or other equivalent professional certification preferred but not requireOpTech is an equal opportunity employer and is committed to creating a diverse environment. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, pregnancy, status as a parent, disability, age, veteran status, or other characteristics as defined by federal, state or local laws.
118015
