We are looking for an experienced Information Security Officer open to an opportunity in the Des Moines metro area. This is a chance for someone to work for a unique client unlike any in Des Moines. This individual will be responsible for overseeing information security, cybersecurity, and IT risk management programs. Interested in learning more or getting involved in our opportunities? Contact us for specifics!
Responsibilities:
Coordinate the development, implementation, and updating of security and privacy policies, standards, guidelines, baselines, processes, and procedures
Develop and manage the frameworks, processes, tools, and consultancy necessary for IT
Identify and mitigate IT risks
Assist with audits and facilitate management response and remediation efforts
Ensure overall IT compliance with regulatory requirements
Identify acceptable levels of residual risk and assist with action plans, policy, and procedural changes for risk mitigation
Improve project results, quality of deliverables, risk optimization, security processes, and compliance with regulations
Receive allegations of security incidents and conduct complex investigations
Coordinate information security incident response and reporting for events or exploited vulnerabilities
Act as ombudsman for disputes, requests for exceptions, and complaints regarding company-wide information systems security policies, practices, and related issues
Requirements:
Able to provide in-depth analysis of complex problems, manage risk and provide timely and accurate decisions
Experience in risk and information security policy development
Understanding of banking, corporate/industry information security, governance, risk and compliance practices and standards
Knowledge of laws and regulations including Gramm-Leach-Bliley (GLB) Act and Sarbanes-Oxley
Knowledge of IT processes and controls
Strong understanding of risk and control frameworks such as ISO, NIST, ITIL, PCI
Knowledge of information security regulatory requirements and standards
Certified Information Systems Security Professional (CISSP) or other information systems security certifications
Excellent organizational and communication skills
Work Model:
On-Site