This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

IT Security and Governance Manager

From OWASP
Jump to: navigation, search

JOB SUMMARY:

Responsible for the IT Security and Governance processes within the Information Technology (IT) Department.

JOB DUTIES AND RESPONSIBILITIES:

• Ensures IT controls are in place or developed to satisfy audit and regulatory requirements and appropriately manage risk.

• Monitors changing regulatory requirements and security threats and partners with internal stakeholders to update IT security policies and procedures as required.

• Develops and maintains documentation and responds to information requests for internal and external audits, including but not limited to Division of Insurance (DOI), SAS 70/SSAE 16, annual financial audits and customer assessments. Follows up on open IT audit findings through closure.

• Develops and maintains Disaster Recovery plans. Participates in DR exercises and documents test results.

• Reviews security controls of key partners and vendors and reviews application security control design. Identifies and communicates risks and recommends effective and cost-appropriate risk mitigation.

• Monitors IT security software industry and market trends, evaluates tools and methodologies, and recommends solutions.

• Communicates updates and security awareness messages through formal and informal channels to internal audiences.

• Represents DentaQuest’s information security program to external audiences.

• Serves as a resource for peers and staff, providing security consulting, direction, support and mentoring in areas of expertise.

• Other duties as assigned.

JOB REQUIREMENTS:

• BS or equivalent and more than 10 years of work experience in an information security, disaster recovery management, and/or audit or control function, in which there are demonstrated progressive levels of responsibility, experience, and leadership.

• Must have demonstrated expertise in IT Security, Disaster Recovery and Governance. Certification desired, such as CISSP, CISA, CISM, CBCP, or SANS GIAC.

• Knowledge of HIPAA/Hi-Tech security and privacy requirements, CMR 201, state security breach laws and PCI standards.

• Excellent verbal and written communication skills.

• Effective organization, prioritization, negotiation and influencing skills.

PHYSICAL AND ENVIRONMENTAL CONDITIONS

• Ability to work in a traditional professional office setting and operate a personal computer

• Occasional overnight travel, in most cases by air.

• Work schedule determined by project schedules.

Qualified applicacants should send a letter of interest and resume to [email protected]

Retrieved from "https://wiki.owasp.org/index.php?title=IT_Security_and_Governance_Manager&oldid=83889"