Information Security Officer (ISO) - remote

GovAssist, LLC
Posted 1 year ago
We Work Remotely

We are GovAssist.com





GovAssist LLC is the leading company specialized in immigration consultancy dedicated to helping individuals travel to the United States, affiliated with the UT law firm GovAssist Legal which provides legal services on immigration matters. We have offered superlative assistance to more than 250000 clients so far, and we are preparing for a business expansion.


GovAssist Legal is a non-traditional legal services provider, authorized to the practice of Immigration Law by the UT Supreme Court’s Office of Legal Services Innovation. We collaborate with leisure travelers, business professionals, private organizations, international managers, investors, artists, and other experts for business and work-related travel visas, while we as well represent individuals in family-based immigration matters, permanent residency, and the United States citizenship.


We are seeking an experienced Information Security Officer (ISO) to join our team and help us protect our information assets. The ISO will be responsible for the strategic planning, development and administration of an effective information security program. He/She will have system and information ownership and will establish and maintain standards, procedures and guidelines to promote the security and uninterrupted operation of systems.


THIS ROLE IS NOT OPEN for RETAINERS or AGENCIES!


RESPONSIBILITIES:

  • Coordinates the continuous development and implementation of security and privacy policies, incident response plan, standards, guidelines, baselines, processes and procedures within the Company.
  • Identifies and addresses exposures to accidental or intentional destruction, disclosure, modification, or interruption of information.
  • Develop and manage the frameworks, processes, tools and consultancy necessary for IT to properly manage risk and to make risk-based decisions related to IT activities.
  • Proactive identification and mitigation of IT risks as well as responding to observations identified by third-party auditors or examiners while assisting in the development of periodic reports and dashboards presenting the level of controls compliance and current IT risk posture.
  • Assist CIO and staff with the audits and facilitate management response and remediation efforts. Ensure overall IT compliance with security and cybersecurity requirements through proactive planning and communication, ownership and relationships.
  • Receives allegations of security incidents and conducts complex investigations according to incident response plan. Prepares written findings, recommendations and follow-up evaluation. Analyzes patterns and trends.
  • Acts as an advocate for disputes, requests for exceptions and complaints regarding Company-wide information systems security policies, practices and related issues.

QUALIFICATIONS:

Hard Skills:

  • 5+ years of progressive experience in information security, recovery planning and testing, compliance, risk analysis, or auditing.
  • Bachelor's or Master's degree in Computer Science, or related area.

Soft Skills:

  • Excellent business communication skills (both oral and written).
  • Outstanding organizational, analytical, and troubleshooting skills,
  • Strong interpersonal skills and the ability to effectively communicate with a wide range of individuals and constituencies in a diverse community.
  • Proven problem solver with the ability to provide in-depth analysis of complex problems, manage risk and provide timely and accurate decisions.

Nice to have:

  • Knowledge of  IT processes and controls and a strong understanding of risk and control frameworks such as (CoBIT, ISO, NIST, ITIL, PCI).
  • General knowledge of information security regulatory requirements and standards such as ISO 27001/2 or similar.
  • Possess Certified Information Systems Security Professional (CISSP) or other information systems security certifications.