- Works to establish and enforce organizational standards related to the organization’s security and compliance of IT resources
- Researches and drafts security policies and guidelines and brings them to the ITLT for approval
- Communicates approved policies and guidelines to Ethnos360 departments and centers to make them aware of all security and compliance requirements
- Works closely with IT staff on specific projects and tasks that relate to security and compliance
- Stays up to date with IT security and compliance best practices by attending classes, reading publications, joining professional peer groups, etc.
- Participates in training and staff development activities
- Performs internal reviews to ensure that all current and new/updated policies and procedures adhere to best practices related to security and compliance
- Performs or works with third party audit groups to produce risk and technical vulnerability assessments, data classification, attack and penetration analysis, policy compliance and communication with internal teams
- Completes annual security insurance questionaries and submits the answers to the ITLT
- Actively participates in daily coordination and remediation of elevated security incidents in the organization
- Leads coordination and remediation of major security incidents
- Participates in the assessment of the security of new applications and programs prior to installation, upgrade, or widespread use within the organization
- Maintains confidentiality of highly sensitive information
- Participates in team meetings as required
- Participates in IT Leadership Team meetings as invited
- Performs other duties as assigned by the Director of IT
| Type: | Technology |
|---|---|
| Region: | North America |
| Country: | United States |
| Paid Position: | No |
| Responsibilities: | Works to establish and enforce organizational standards related to the organization’s security and compliance of IT resources Researches and drafts security policies and guidelines and brings them to the ITLT for approval Communicates approved policies and guidelines to Ethnos360 departments and centers to make them aware of all security and compliance requirements Works closely with IT staff on specific projects and tasks that relate to security and compliance Stays up to date with IT security and compliance best practices by attending classes, reading publications, joining professional peer groups, etc. Participates in training and staff development activities Performs internal reviews to ensure that all current and new/updated policies and procedures adhere to best practices related to security and compliance Performs or works with third party audit groups to produce risk and technical vulnerability assessments, data classification, attack and penetration analysis, policy compliance and communication with internal teams Completes annual security insurance questionaries and submits the answers to the ITLT Actively participates in daily coordination and remediation of elevated security incidents in the organization Leads coordination and remediation of major security incidents Participates in the assessment of the security of new applications and programs prior to installation, upgrade, or widespread use within the organization Maintains confidentiality of highly sensitive information Participates in team meetings as required Participates in IT Leadership Team meetings as invited Performs other duties as assigned by the Director of IT |
| Priority: | Urgent |
Requirements
| Skills: | • Must have a degree in Computer Science or a related Information Technology field, A+ certification, or equivalent work experience Preferred Qualifications/Certifications: • CIS 18 familiarity • Experience with various regulatory compliance requirements (SOX, HIPAA, etc.) • PowerShell • COMPTIA Security+ • Comptia Network+ or equivalent experience • (CISSP) Certified Information Systems Security Professional • (CISA) Certified Information Systems Auditor • (CISM) Certified Information Security Manager • (GSEC) GIAC Security Essential Certification • (SSCP) System Security Certified Practitioner • DNS, 1-2 years • DHCP, 1-2 years • Microsoft Active Directory and Azure Active Directory (1-3 years) • Windows Software Update Services (1-3 years) • Microsoft Azure certifications |
|---|---|
| Experience: | Additional Qualifications: • Strong Christian who is part of a local church community and who agrees to Ethnos360’s doctrinal statements • Basic knowledge of Windows and Microsoft 365 services and applications (Word, Excel, Teams, Outlook, etc.) • Basic knowledge of computer hardware • Working knowledge of compliance issues • Ability to take initiative and solve problems • Willing to contribute ideas to assist in process improvement and be an approachable team player • Ability to understand and apply principles, theories, and concepts of information technology in their daily work activities • Self-motivated with the ability to work independently and to carry out assignments to completion • Ability to follow instructions, routines, and best practices in daily work with a strong attention to detail and accuracy • Willingness to continually learn and improve in technological and communication skills • Strong written and verbal communication skills, including the ability to effectively communicate with internal and external individuals |
| Comments: | LOCATION: The qualified applicant may serve at the Home Office, Sanford, FL or from a remote location. This is a full-time position and is open to a Volunteer, Ethnos360 Member, or Paid Staff. Salary: Negotiable |