- Company Name
- SYSTEMTEC
- Job Title
- Information System Security Officer
- Job Description
-
Job Title: Information System Security Officer
Role Summary: Lead and manage security, risk, and compliance initiatives for IBM System 390/zSeries, Windows, Linux, databases, networking, and web applications. Drive FISMA and NIST compliance, oversee eGRC tools, and develop risk management programs.
Expectations: Deliver end-to-end security posture improvements, align with regulatory standards (FISMA, NIST, CMS MARS‑E, HIPAA), and maintain continuous audit readiness. Collaborate cross‑functionally to embed security into all projects.
Key Responsibilities:
- Direct the creation, implementation, and enhancement of information system security and compliance frameworks.
- Conduct risk assessments, vulnerability management, and compliance audits across IBM mainframe, Windows, Linux, database, and network environments.
- Manage eGRC platforms (e.g., Archer) to track controls, incidents, and remediation.
- Develop and maintain policies, standards, and procedures per regulatory guidance.
- Provide security guidance to development and operations teams on secure coding, configuration, and deployment.
- Lead incident response activities and coordinate with stakeholders during security events.
Required Skills:
- 5+ years IT experience with IBM System 390/zSeries, Windows, Linux, relational/non‑relational databases, networking infrastructure, and web applications.
- Strong knowledge of FISMA and NIST security frameworks and other regulatory standards (CMS MARS‑E, HIPAA).
- 3–5 years risk management experience, including threat modeling and vulnerability assessment.
- Proficiency with eGRC tools (Archer or equivalent).
- Ability to analyze complex security requirements and translate them into actionable controls.
Required Education & Certifications:
- CISSP, CISA, or equivalent certification (mandatory).
- Bachelor’s degree in Computer Science, Information Security, or related field (preferred).