IT Security & Compliance Manager

QTC Management, Inc. San Dimas , CA 91773

Posted 2 months ago

Job Summary:

Evaluates the design and effectiveness of IT controls based upon industry best-practice models (e.g. COBIT, ITIL, FISMA, FEDRAMP, NIST, ISO, OMB, etc.) in accordance with compliance requirements, and provides a systematic, disciplined approach to the analysis of operational business and governance processes to conform to standards and regulations.

Essential Duties and Responsibilities:

  • Assists in the analysis and definition of security requirements based upon data types, solutions markets, customer requirements, and other factors. Assists in identifying spirit and intent of security requirements in a manner that maximizes implementations across QTC solutions.

  • Has primary responsibility for cybersecurity compliance efforts including certifications, accreditations, and authorizations review, security test and evaluations and drafting associated reports

  • Coordinates compliance remediation activities and maintains accurate list of open and close compliance issues for the organization

  • Coordinates all internal (e.g. Leidos internal audits) and external audit events (e.g. HIPAA, NIST, SOX, Authorization To Operate (ATO) and Risk Management Framework (RMF) with clients, etc.), including discovery, sample delivery, management response, and remediation activities for all audits

  • Works with Leidos Security team to conduct, report, and remediate findings from Intrusion Detection and other vulnerability scans (e.g., Nessus, AppScan, AppDetective, WebInspect, Burp Suite, Qualys, or similar).

  • Reviews infrastructure and application architecture for security and compliance; provides actionable guidance to ensure secure infrastructure and application architecture posture.

  • Leads short-term projects that interact with multiple departmental teams including business, client and technical stakeholders; demonstrates ability to effectively communicate security requirements and implications to stakeholders of varying levels and business focus

  • Performs regulations and standards gap analysis and prepares audit reports

  • Assesses the new QTC Commercial Line of Business Security status and works on transitioning the line of business more in line with other standard QTC security and compliance standards

  • Facilitates customer request, information gathering, and prepares response

  • Develops mapping for controls to a Unified Control Framework

  • Other projects and duties as assigned

Competencies:

  • Ability to understand weight and intent of privacy, cybersecurity compliance frameworks, requirements, and system boundaries to provide effective and meaningful analysis as well as to recommend big picture strategy that maximizes implementation of security features and functions so as to result in cost efficient compliance with multiple relevant frameworks

  • Must be a hands-on, self-starter individual who is reliable, self-motivated, and has a can-do attitude

  • Experience managing and maintaining cyber security compliance within large organizations and distributed environments, including both on premise as well as in the cloud

  • Ability to identify technical and process design gaps based on applicable cyber security requirements and recommend appropriate remediation; including the drafting of plans, policies, and/or procedures

  • Ability to prepare compliance reports and associated metrics, both formal for security authorization or certification purposes, as well as actionable reports for internal consumption by system admins/developers

  • Ability to work independently with customer audit teams to provide relevant security details to fill information request

  • Excellent negotiation and executive-level presentation skills to work with senior business, client and technical leaders

  • Ability to multi-task and work effectively/efficiently with little direct supervision

  • Excellent writing, editing, and documentation and evidence management skills

  • Some travel will be required

  • Must be legally eligible to work in the United States

Education and/or Experience: (includes certificate & licenses)

  • Bachelor's degree from an accredited college in Technology related discipline (e.g. Computer Science, Engineering, Information Systems, etc.) or equivalent experience/combined education

  • 14 to 20 years working in compliance, information security, or internal audit covering one or more of the following: HIPAA, NIST 800-53, and Sarbanes-Oxley

  • Required CISSP; CISM, CRISC, or CGEIT preferred

  • Working experience with HIPAA and one or more of the following standards and regulations: NIST 800-53, SOX, PCI

  • Experience with using security tools such as Nessus, NMAP, Rapid7, and Qualys

  • Must be able to successfully pass National Agency Check with Inquiries (NACI) background investigation

This job description supersedes all prior job descriptions and is intended to describe the general content and essential requirements for the position listed above. It is not to be construed as an exhaustive statement of requirements, duties and responsibilities. Management reserves the right to add or change the duties of this position as required at any time.

QTC Management Inc. is a VEVRAA Federal contractor and an Equal Opportunity Employer. The company has an ongoing commitment to affirmative action and the creation of a workplace free of discrimination, harassment and retaliation. The company recruits, hires, trains, and promotes individuals in all job titles without regard to race, color, creed, religion, ancestry, national origin, age, sex, sexual orientation, gender identity, people with disabilities protected under law, and protected veteran status.


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Security Officer Healthcare Location

Allied Universal Security

Posted 3 days ago

VIEW JOBS 5/23/2020 12:00:00 AM 2020-08-21T00:00 Overview At Allied Universal® our Security Professionals assist clients, and the public at large, by providing essential jobs that keep our communities safe and secure. During this time, we need your help more than ever. We have immediate employment opportunities. Allied Universal also employs an interview process you can complete from the comfort of your home through our online application and video interviewing technology. We are North America's leading security services provider with over 200,000 phenomenal employees and invite you to apply to join the team. Job Description Full-TIme & Part-Time Shifts Available POMONA, CA. Hospital Location assisting with the overflow of low risk patients, Proper PPE Provided.Security professionals will be securing the hospital with a variety amount of patients. Must have experience in using hand held radio & good communication skills Allied Universal is seeking the position of Professional Security Officer. Our Security Officers embrace our company's core values. Be sure to visit Jobs.AUS.com for all of our Security Jobs and to learn more about our company. As a Professional Security Officer for Allied Universal you will be Responsible for the Security and Safety of our client's property and personnel. As the Allied Universal Security Officer you will know all site-specific policies and procedures, and implement emergency response activities as appropriate, while providing superior customer service. QUALIFICATIONS/REQUIREMENTS: * Be at least 18 years of age with high school diploma or equivalent * Possess effective written and oral communication and interpersonal skills with ability to deal with all levels of personnel and the general public in a professional and effective manner * Valid guard card/license, as required in the state for which you are applying. * As a condition of employment, employee must successfully complete a background investigation and a drug screen in accordance with all federal, state, and local laws * Display exceptional customer service and communication skills * Have intermediate computer skills to operate innovative, wireless technology at client specific sites * Ability to handle crisis situations at the client site, calmly and efficiently * Able to: * Work in various environments such as cold weather, rain/snow or heat * Occasionally lift or carry up to 40 pounds * Climb stairs, ramps, or ladders occasionally during shift * Stand or walk on various surfaces for long periods of time Closing Allied Universal provides unparalleled service, systems and solutions to the people and business of our communities, and is North America's leading security services provider. With over 200,000 employees, Allied Universal delivers high-quality, tailored solutions, which allows clients to focus on their core business. For more information: www.AUS.com. We proudly support the Veteran Jobs Mission, a group of over 200 companies that have committed to collectively hiring a total of one million military veterans. EOE/Minorities/Females/Vet/Disability Allied Universal Services is an Equal Opportunity Employer committed to hiring a diverse workforce. * ZR-SW * CB-SW * GD-SW Requisition ID 2020-412526 Allied Universal Security San Dimas CA

IT Security & Compliance Manager

QTC Management, Inc.