Information Security Administrator

Job Type

Full Time

Salary

Minimum: $98,512
Maximum: $109,457
Details: Non-Negotiable

Published

07/31/2018

Address

2200 Research Boulevard
Rockville
MD
20850
United States

Description

Description


The purpose of this position is to manage and perform core information security functions. This includes recommending and implementing security systems, policies, and procedures to ensure compliance with standards, including PCI, HIPAA, and GDPR. Responsibilities also include monitoring and responding to security events, and providing office-wide information security awareness training.


Responsibilities


  • Monitor the security of all network systems. Recommend and implement additional security solutions or enhancements to ensure the confidentiality, integrity, and availability of ASHA data.
  • Perform risk assessments with business units, and develop incident response plans.
  • Lead incident response activities for all information security events, including data breaches and cyber attacks.
  • Supervise the design and execution of vulnerability assessments, penetration tests, and security audits.
  • Recommend and implement systems, policies, and procedures required for maintaining PCI, GDPR, and HIPAA compliance.
  • Create and maintain the Information Systems disaster recovery plan.
  • Maintain association Information Security Policy.
  • Develop and conduct security awareness training for all staff. Provide in-depth security training for network team staff.
  • Provide quarterly reports to upper management on the state of ASHA’s information security.  


Qualifications

Knowledge Typically Acquired Through

  • Obtaining a bachelor's degree in Computer Science or Information Systems Management
  • Minimum of three years related experience
  • Security certifications, such as CISSP, CISM, or GSEC


Scope and Depth of Technical Skills/Knowledge

Detailed knowledge of and experience with:

  • Implementing secured solutions for Microsoft Windows server and IIS environments.
  • Implementing secured solutions for managing desktops.
  • Implementing secured solutions for Cisco networking environments.
  • Managing Internet security technologies and protocols, including firewalls, intrusion prevention systems, and virus detection systems
  • Writing technical policies
  • Thorough understanding of:
  • Requirements for PCI certification
  • GDPR requirements
  • HIPAA requirements
  • Security awareness topics


Scope and Depth of Non-Technical Skills/Knowledge

  • Strong teamwork skills
  • Ability to write clear and accurate user and technical documentation
  • Strong written and oral communication skills
  • Experience managing multiple, concurrent projects
  • Analytical problem solving skills
  • Ability to quickly learn new software applications for evaluation purposes

Benefits

Health, Vision, Dental Insurance, Short Term & Long Term Disability, 401k, Wellness Classes, Flextime, Flexplace, Telecommuting, Carpool, Annual Leave, Sick Leave, Paid Holidays, Floating Holidays

Professional Level

Professional

Minimum Education Required

4-year degree


Share:

Share: