For security purposes, this system automatically logs you off when it senses no activity for 60 minutes. Please click either the Next button or you can go to different pages of the application by selecting the page from the dropdown menu and clicking GO button every 60 minutes in order to avoid losing your data.
|Top Message||Both current Ohio State employees and the general public may apply for this unclassified professional position.|
|Message to Applicants|
|Number of Positions Available||1|
|University Title||Info Security Compliance Lead|
|Working Title||Info Security Compliance Lead|
|Department||Ohio Technology Consortia Srvs|
|Summary of Duties||
Supports Security Operations for the Ohio Technology Consortium (OH-TECH), in collaboration with the Chancellor of the Ohio Department of Higher Education (ODHE), in accordance with university policies, goals, and objectives; reporting to the Chief Information Security Officer. OH-TECH is looking for an Information Security Compliance Lead to coordinate policy and governance activities, primarily through assessing the effectiveness of internal controls, risk management and governance for information systems in accordance with organizational objectives and regulatory requirements.
The Information Security Compliance Lead will: Review processes that support the information systems control framework; work with the OH-TECH Security Team to develop best practices for the use of vulnerability management systems, automated security scanning tools, data loss prevention and risk assessment methodologies; perform independent audits and multi-disciplinary review of complex and sensitive issues related to information systems across the organization; develop, document, and implement organizational policies related to Security and Information Technology; perform information system audits, data classification, special investigations and consultations to management; and report findings and recommendations to leadership.
The Compliance Lead will provide consulting and expert guidance in organization wide efforts regarding security engineering, risk management, design, access and identity control, operational support and consultation; security operational services; set-up, verification, and audit of user access and authorizations; risk analysis and response; and input into the development of business continuity and disaster recovery procedures. The Compliance Lead partners with stakeholders at the university or unit level to ensure systems and data are secured against a range of physical, electronic, cyber, and other threats. The Compliance Lead will work with appropriate leaders, business partners and staff to plan and develop risk management solutions that satisfy the organization’s strategic and business needs.
The Compliance Lead has an understanding of the DevOps lifecycle, modern operating systems, as well as general networking knowledge. Works with the Security Team to develop best practices for the use of vulnerability management systems, automated security scanning tools, and risk assessment methodologies to identify the threats to the organization and mitigate them.
The Compliance Lead provides security planning, assessment, risk analysis, and risk management support. Will also recommend solutions to develop security requirements, assess security gaps, and guide the organization in meeting the security posture requirements. Must apply existing knowledge of Information Assurance policy, procedures, and workforce structure to provide expert guidance to engineering in the design, development, and implementation of secure networking, computing, and data center environments.
Ideally, the Compliance Lead has experience leading and mentoring junior analysts and consultants. Candidate should have an analytical mindset, inquisitive nature, responsiveness, and excellent assessment skills. Must also possess strong troubleshooting skills and the ability to work under pressure with multiple deadlines. Patience in working with non-technical end users is essential. Will work in a fast paced, small business environment with our talented team.
The Compliance Lead is able to grasp new concepts, facilitate information exchanges for data gathering, and collaborate with diverse audiences. Must follow established processes where applicable and establish and execute defensible processes where none are prescribed.
|Additional Information for Applicants:|
|Pre Employment Screening||Requires the successful completion of a background check.|
Bachelor’s degree or an equivalent combination of education and experience. Experience in implementing system accreditation processes and Risk Management Frameworks (e.g. NIST-800 series, RMF, CSF, CIS-RAM, COBIT); Experience with DISA STIGs and SRGs, MITRE ATT&CK, vulnerability management systems, mitigation and compliance processes, and reviewing results from automated security scanning tools. One or more of the following certifications: CISSP, CISM, CISA, CRM, CRMP, PRM, FRM, CERA, CEH, GSEC.
Have a solid understanding of windows, Mac, and/or Linux operating systems; hosts, networks, security, secure application development concepts. Hands-on experience with Vulnerability Scanning Tools (e.g. Rapid7, Qualys, Nessus). Experience with Code Scanning Tools: DAST and/or SAST. Experience with firewalls, NAT, HTTP, DNS, IP and OSI Networks. Experience with core LAN/WAN network technologies. Experience leading and mentoring junior analysts and consultants.
|Target Salary||$73,100.00 - $85,000.00 Annually|
|Job Category||Information Technology (IT)|
|Job Appointment (FTE%)||
|Temporary or Regular||Regular|
|Posting Start Date||09/26/2020|
|Posting End Date||10/25/2020|
|Dept Contact Name||Gall,Kristin L|
|Dept Contact Phone||614/247-8036|
Open Faculty Search, College of Pharmacy, United States, 1 day ago
Position ID:OSU -College of Pharmacy -CPDGLOBAL [#17219] Position Title: Position Type:Tenured/Tenure-track faculty Position Location:Columbus, Ohio 43214, United States [map ] Subject Area: Phar...
Call Center Representative , Franklin University, United States, 1 day ago
Franklin University has a full-time opening for a Call Center Representative who is the first point of contact for incoming calls to the University. The Call Center Representative is responsible f...
Faculty Supply Chain Management Logistics, Ivy Tech Community College, United States, 12 days ago
Must have a strong working knowledge of current technologies appropriate to the area of instruction, faculty credentials as outlined in the ASOM 7.1 as applicable to the specific area of instructi...