Apply Now    
Job ID / Title:
Associate Manager -Information Security
Job Category:
System Security
City:
Houston
State:
TX
Work Location:
Corporate Drive

Job Description


Sutherland Global Services is seeking an attentive and goal-oriented person to join us as an Associate Manager, Information Security. We are a group of driven and hard-working individuals. If you are looking to build a fulfilling career and are confident you have the skills and experience to help us succeed, we want to work with you!

The Associate Manager, Information Security position will be based in Houston, Texas and may require occasional travel to other locations.  The individual’s responsibilities will include performing security / risk assessments to ensure compliance with internal policies, controls, and standards, as well as client and regulatory security requirements – and evaluating technological, operational, and process controls to evaluate the design and implementation of security controls. 

Other responsibilities will include monitoring for adherence to customer requirements, ISO 27001 requirements, PCI DSS requirements, and other regulatory compliance requirements.  Additionally, the individual will participate in PCI DSS audits, Service Organization Controls (SOC) audits, SSAE 16 / ISAE 3402 audits, customer audits, and other compliance / regulatory audits occurring at Houston, TX site.  The role will interface closely with Service Delivery, other members of the global Information Security team, and other functions across Human Resources, Physical Security, Information Technology, and Facilities.

Qualifications

RESPONSIBILITIES

  • Conduct assessments of Information security controls to measure the effectiveness of controls and identify control gaps

    • Identify, assess, and prioritize identified risks

    • Collect evidence, artifacts, and document findings to support conclusions

    • Report on compliance with internal policies, controls, and standards

    • Provide recommendations for remediation of identified deficiencies

    • Track and report on findings/deficiencies to closure

  • Coordinate third-party risk assessments and audits, to include HIPAA audits, PCI DSS audits, Service Organization Controls (SOC) audits, ISO audits, SSAE 16 / ISAE 3402 audits, customer audits, and other compliance / regulatory audits occurring at the Houston, TX site, and other sites, as needed.

    • Track remediation efforts and report on the status of control deficiencies

  • Support/conduct information security investigations

  • Support security initiatives and global policy adherence and awareness efforts

    • Ensure that new client engagements adhere to the required information security controls and policies

    • Enforce policy adherence and coordinate formal policy exception requests

    • Ensure compliance to standards and regulations such as ISO 27001, PCI DSS and national information security laws

    • Provide timely updates on assessments and assigned projects

     

     

    QUALIFICATIONS

    The individual must possess excellent oral and written communication skills with the ability to interact and communicate with technical personnel, non-technical personnel, and senior management.  The individual must be pro-active, flexible, and able to work independently, adjusting quickly to changing priorities and conditions.  Must demonstrate strong leadership attributes as well as the innate ability to follow and be a supportive team member.

    Education Requirements:  Bachelor’s Degree in Computer Science, IT, Security, or related field

    Experience Requirements:  1 to 5+ years of experience in IT Security, Risk & Compliance, or IT Audit. Experience and knowledge of information security concepts / principles and audit / risk assessment methodologies

    Certification Requirements: Security + with CISA, CISM, CISSP certifications a plus

Apply Now