My client, a medical device company in Parsippany, NJ, is looking for an Information Security Coordinator. This is a 5-days-a-week, in-office position.
The ideal candidate for the Information Security Coordinator position has great communication skills, is self-motivated and passionate about their work, has a strong desire to grow professionally, is eager to be part of a dynamic group of focused and creative individuals, and has excellent time management skills. The right candidate will be responsible for assisting and driving the continual improvement, auditing, and reporting of the group, working in an already established ISO27001 ISMS.
Job Description:
• Monitor the corporate security systems, ensuring the company’s systems align with the ISO27001 certification and any other industry-recognized standards (such as NIST)
• Complete risk assessments, identifying controls and monitoring controls against objectives and KPIs/SLAs
• Draft, update, and implement security policies, procedures, and work instructions
• Advise on and assist with implementing security governance and assurance activities, internal auditing, and testing activities
• Facilitate continued security awareness through creating and providing security training
• Mentor team members in security awareness, protocols, and procedures
• Design and conduct security audits to ensure operational security
• Respond to security incidents in a timely manner and provide post-mortem and root cause analysis
• Review and inventory both client and customer contracts for security agreements, service level agreements, and other security-related commitments
• Research and recommend security upgrades to improve the company’s security posture
MUST KNOW ISO27001 and UNDERSTAND NIST STANDARDS
Core Requirements:
• Bachelor’s degree or equivalent education and/or experience
• 3 years’ experience in security management, preferably in the medical device industry
• Proficient with Microsoft Office
• Demonstrated understanding of ISO27001 ISMS
• Ability to work with sensitive data confidentially and professionally
• Knowledgeable about GDPR and similar data privacy regulations
• Good understanding of technical security controls and concepts, including network, endpoint, and application security
• Strong verbal and written communication skills, including presentation skills
Desired:
• ISC2 certification in information security