Position: IT SECURITY COMPLIANCE MANAGER

Location: Downey, CA

Duration: 6 Months

The Consultant will perform the following tasks:

1. Provide security expertise in NIST 800-53 and ISO 270001/2 controls, PCI, HIPAA

and CJIS compliance and helps CSB to create best practice frameworks, policy

creation and business impact analysis

2. Design and implement a program which includes development and implementation

of efficient IT policies and procedures.

3. Collaborates and effectively engages with ITS teams, departments' stakeholders

and leadership across the County to develop, define and build risk assessment

methodology with identified business priorities

4. Responsible for managing the program to achieve full compliance with the County

defined IT Controls, and Security programs, and implementation of IT procedures

focused on efficiency, effectiveness and risk avoidance.

5. Collaborate with the ITS team, internal audit and the corporate security team to

assess, remediate and prevent information technology risks.

6. Management and reporting of risk and security metrics.

7. Perform ongoing education and training in Information Security related areas

8. Development of IT Strategies and roadmap.

9. Provides oversight and project management of various internal and external audits,

PCI, HIPAA and CJIS compliance and risk/ control assessment engagements, and

regular penetration testing

D. MINIMUM QUALIFICATIONS

The selected candidate must meet the following minimum qualifications:

1. One or more of the following professional certifications requited: Qualified Security

Assessor (QSA), Certified Information Systems Auditor (CISA), Certified Information

Systems Security Professionals (CISSP), Certified Information Security Manager

(CISM) or Certified Information Privacy Professional (CIPP)

2. Bachelor's degree from an accredited college in Technology related discipline (e.g.

Computer Science, Engineering, Information Systems, etc.) or equivalent

experience/combined education.

3. Minimum of three (3) years' experience in the last five (5) years as an IT Security

Compliance Manager, supporting a complex enterprise security environment for a

large public or private organization.

4. Minimum of three (3) years of experience in the past five (5) years as an IT Security

Compliance Manager, supporting Enterprise Multi-Tenant environment, include

responding, containing, remediating, and reporting on the infrastructure connecting

to County Departments and Public Cloud Providers, such as AWS, Azure and/or

GCP.

5. Minimum of two (2) years' experience in the last three (3) years analyzing,

responding, and remediating enterprise network & security architectures.

6. Minimum of two (2) years' experience in the last three (3) years leading IT

Security/Information Security teams.

7. Demonstrated ability to create clear, concise technical documentations such as

procedures, Visio diagrams, and system support documents, and strong

presentation skills with experience using Microsoft PowerPoint

Thanks & Regards

Rajeev

West Advanced Technologies, Inc

E: rajeev.g@wati.com

C:9162095915 | T: 5072292946