Information Security Principal

Ramsey, NJ · Information Technology

Information Security Compliance Principal

One of our clients, a medical devices and services company, is looking for an Information Security Compliance Principal.

** Must be authorized to work in US for ANY EMPLOYER.
   No H1 Visa support for this position.

The Location is Northern New Jersey
Permanent position with great benefits.
Hybrid commute - 2/3 days Home/Office.

To be considered immediately please send your resume to igork@brainsworkgroup.com

Information Security Compliance Principal
  • Develops, implements, updates, and enforces data and security-related privacy policies, standards and procedures, and corrective actions as needed.
  • Maintains current knowledge of applicable data protection laws, security standards, information technology trends, and accreditation standards. 
  • Evaluates and improves processes for investigating, documenting, and reporting unauthorized access or disclosure of personal information. 
  • Maintains and updates the information management system in collaboration with legal and governance teams. 
  • Provides risk assessments and security briefings to management and advises them of critical issues that may affect customer or corporate security objectives.
  • Creates and delivers privacy and security-related training programs for all employees, contractors, and any appropriate third parties.
  • Leads risk assessments, audits, policy, governance, and/or reporting.
  • Maps controls to policies, procedures, and processes; tests such controls to ensure adequate coverage.
  • Evaluates and recommends security products, services, and/or procedures to enhance productivity and effectiveness. 
  • Manages vulnerability scanning and penetration testing activities.
  • Analyzes and remediates issues associated with ISO 27001 compliance, NIST framework, and other security standards.

Requirements and Skills
  • Minimum of 5 years’ experience with regulatory compliance assessments, Information Technology General Controls (ITGCs), control frameworks such as ISO27001, SOX, NIST CCF, HIPAA, & GDPR.
  • Strong working knowledge, understanding and experience in building, maintaining, and maturing effective security Governance, Risk, and Compliance functions.
  • Experience performing privacy and/or security gap assessments.
  • Knowledge of the federal and state privacy rules, regulations, and guidance related to security and privacy including but not limited to:
    1. HIPAA
    2. GLBA
    3. GDPR
    4. CCPA
    5. Safe Harbor framework
    6. Generally Accepted Privacy Principles (GAPP)
    7. NIST
    8. ISO27001
  • CISSP, CRISC, CISM, CISA, CIPP US/E and/or other relevant information privacy certifications preferred.
  • Experienced in the operational application of privacy laws.
  • Bachelor’s or equivalent practical experience combined with relevant certifications required.
  • Understanding the environment in which business operates and associated data protection risks.

Use this link to apply directly:
Or email: igork@brainsworkgroup.com
Check ALL our Jobs: http://brainsworkgroup.catsone.com/careers

Keywords:  information security CISO compliance ITGC ISO27001 SOX NIST HIPAA GDPR CISSP CRISC CISM CISA CIPP
