Job Title

IT Compliance Officer
 

Location

Southern CT
 

The Information Security department is responsible for identifying and remediating information technology risk for our Client. The types of risk include cyber-attacks, compliance, assurance and fraud. Maintains systems to protect data from unauthorized users. Identifies, reports, and resolves security violations. Familiar with standard concepts, practices, and procedures within a particular field. Relies on experience and judgment to plan and accomplish goals. Performs a variety of tasks. A certain degree of creativity and latitude is required.

Essential Duties:

1.       Conducts risk assessments and security assessments of IT applications.

2.       Performs vulnerability management for applications and infrastructure.

3.       Provides remediation guidance to departments with non-compliant or non-secure applications.

4.       Responsible for monitoring and maintaining the integrity of our Client’s system inventory.

5.       Develops routines to aid in security metrics tracking.

6.       Assists in the maintenance of content for the Regulation Security site and the Information Security site.

7.       Performs as an IT compliance and audit expert.

8.       Ensures that IT compliance incidents are promptly addressed, tracked and resolved; considers implications, makes recommendations and takes appropriate follow-up action.

9.       Assists in the application of established policy to particular situations, consulting appropriately.

10.   Conducts periodic compliance audit and risk management programs.

11.   Coordinates and consults on data security compliance trends, best practice and recommendations for risk management & security design.

12.   Conducts periodic risk assessments.

Education and Experience:

Bachelor’s Degree in a related field and two to five years of related experience in an information security environment; or the equivalent combination of education and experience. Broad knowledge of information security management, risk assessment and regulatory compliance.

Skill/Ability:

1.       Proven knowledge of privacy and regulatory compliance as it relates to information security.

2.       Demonstrated oral and written communication skills. Well organized and detail oriented. Ability to prepare documentation to provide guidance related to compliance with state and federal regulations, and university policies and procedures.

3.       Critical, strategic thinking and proven ability to use a combination of research, experience, testing and escalation to efficiently find a solution that balances appropriateness and cost-effectiveness.

4.       Proven ability to interact with individuals with differing levels of technical expertise, including business, clinical and technical staff, and end users.

Education and Experience:

BA in a technical field, and 1-2 years of diverse project management experience involving technology and/or information assurance. 1-2 years of technical computer support, development or programming experience, or an equivalent combination of education and experience.

Licenses or Certifications (preferred):

CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CISSP (Certified Information Systems Security Professional).

Location: CT

Compensation: Annual salary - $80,000-$95,000 plus comprehensive benefit package