Information Security Officer & IT Auditor Job in Bedford 76021, Texas Us

Sharp BancSystems, Inc. is seeking a Data Security Officer IT Auditor to act as our information security resource. 

This is a great opportunity to use your strong knowledge of technical, physical, and administrative information security controls.


The Data Security Officer will assist in the development and maintenance of Corporate Information Security (CIS) program policies and procedures, provide support to internal business partners in the use of CIS guidelines, and monitor and report on the status of corporate-wide compliance with CIS program requirements. CIS programs include: Information security, Contingency planning, Risk assessment, Information security training and awareness, Service provider management, and Incident response.


As the Data Security Officer, you will:


Responsibilities:

·          Support the development and maintenance of the CIS program policies, standards, procedures, guidelines, and database information.

·          Monitor changes to highly sensitive computer system security controls to ensure appropriate security administrative actions, and investigate and report on noted irregularities.

·          Plan and oversee network security vulnerability assessments with external security consultants to help identify risk issues; ensure that detailed management and executive summary reports of findings and recommendations are produced; and, monitor improvement to reported action items.

·          Review IS department and business unit information security reports for exceptions to established policy standards, security violations, significant system changes, and risk mitigation initiatives.

·          Work proactively with project managers to help ensure that information security, privacy, and business resumption controls are included as project requirements.

·          Provide guidance to business partners on the development, maintenance, and testing of business resumption plans.

·          Provide guidance to business partners on the completion of service provider management control requirements.

·          Help business partners identify appropriate technology controls and/or process improvement measures to resolve or mitigate known information security deficiencies.

·          Conduct walkthroughs to help improve environmental and user-related physical security controls and/or awareness over the protection of information systems assets and data records.

·          Maintain understanding of regulatory requirements, advisories, and emerging information technology trends and security control best practices.

·          Disseminate information to corporate partners to support their interpretation and implementation of required changes.

·          Maintain a general understanding of business functions and workflows for critical information systems used.

·          Perform a formal Information Technology Audit annually to include controls testing and access review.

·          Provide information security program status reports to the CEO on regularly scheduled activities, and exception reports for incidents related to the violation of information security policies.

Requirements: