INFORMATION SECURITY ENGINEER
This position will perform IT compliance audits, risk assessments, control gap analysis. The ability to verify audit/compliance issues with internal/external clients, and provide results with formal documentation is required for the position. As the position will also conduct due diligence security reviews of new vendors, travel will be required. This position will report to the Manager, Information Security.
ESSENTIAL FUNCTIONS Duties and Responsibilities
-Execute work program for security audits, control gap analysis and risk assessments.
-Validate and monitor vendor compliance with HIPAA Security Rule.
- Assist with the performance and documentation of PCI DSS testing.
- Review and identify risks, impact, and/or gap with security controls.
- Must maintain an awareness of current internal policies as well as business and departmental objectives. Knowledge, Skills and Abilities
- Audit methodology.
- Knowledge of information security fundamentals and best practices.
- Must be able to verbally address risks/vulnerabilities/issues, impact, and recommendations with clients (internal or external).
- Must be able to document audit/assessment results.
- Bachelor’s Degree in Information Systems and/or Accounting.
- Minimum 3 years in Audit, Internal or External.
- Verbal and written skills