Essential Duties and Responsibilities: To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed below are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individual with disabilities to perform the essential job functions.
Compliance and Information Security Management
- Leads IT compliance (e.g. ISO 2700.1) initiatives, implementation, monitoring and review of controls
- Assess existing security plans and technology architecture for vulnerabilities and potential enhancements.
- Develop, maintain and enforce information security policies, standards, and procedures.
- Collect, analyze and report security metrics on a consistent basis.
- Serve as a consultant and subject matter expert with regard to technological upgrades, improvements or changes that impact the information security environment.
- Develop and deliver ongoing training/awareness programs throughout the company to ensure all team members are aware of policies, common risks, and how to identify and respond to potential security incidents.
- Prepare the organization for and oversee information security audits.
- Remain up to date on emerging security trends, risks, new guidance, standards and security enhancing technologies. Identify and propose opportunities for improvement or enhancement.
- Responsible for being at all times compliant with the KJT Group Information Security Policy and all other policies, processes and documentation which relates to information security within KJT Group.
- This position is responsible for the ownership of one or more information assets and/or supporting assets, as defined within KJT Group’s ISMS Inventory of Assets.
- As an asset owner, this position is responsible for the secure management and operation of the assigned assets, as defined within KJT Group’s Inventory of Assets.
- As an asset owner, this position is responsible for the prompt investigation and resolution of any information security incident affecting the assigned assets.
Business Operations Support
- In the absence of the IT Director, provides basic desktop and technical support services to end users.
- Support the VP, Business Development with special projects.
- Develop, manage and assess vendor relationships that support security
Key Competencies for Success:
- Excellent communication and interpersonal skills with a strong orientation towards positive “customer” relations
- Strong analytical, critical thinking and problem-solving ability
- In-depth knowledge of applicable data privacy practices and laws.
- Professional integrity with a solid orientation toward collaboration and teamwork
- Strong organizational skills with the ability to manage your time effectively and balance short term needs with a long-term strategic vision
- Must have a comfort level with independently leading and executing a project from start to finish
- High level of accuracy and excellent attention to detail
- Strong technical knowledge of IT infrastructure, network hardware, protocols, standards, operating systems and virtual server environment
- Bachelors degree in Information Security, Cyber Security, Compliance, IT or similar field of study
- Industry relevant certifications are a plus
- 5-7 years of experience developing and managing ISMS
- Experience with security policy development, change management principles and processes, access control systems, security education, data protection, privacy, network penetration testing, SOX compliance and audits, threat analysis, vulnerability management and remediation
- Network and systems administration experience strongly preferred
Computer Skills: To perform this job successfully, an individual must be technically astute with a strong aptitude for learning new platforms
- Microsoft Office with specific strength in Word, Excel and Outlook
KJT Group is an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, sexual orientation, gender identity, national origin, disability or veteran status.