Establishes policies and procedures necessary to ensure the security of information system assets and to protect them from intentional or inadvertent access, disclosure, or destruction in accordance with company policies and industry standards such as HIPAA, Sarbanes-Oxley, SAS70, DIACAP, and PCI. Ensures that user community understands and adheres to necessary procedures to maintain security. Must be able to weigh business needs against security concerns and articulate issues and options to management. Performs risk assessments for sensitive internal and external systems and perform threat modeling.
- Develops procedures necessary to ensure the security of information system assets and to protect them from intentional or inadvertent access, disclosure, or destruction.
- Assists project teams in the implementation of security measures to meet corporate security policies and external regulations, e.g., Sarbanes Oxley and DIACAP.
- Assists in the performs risk assessments and security audits of internal and external facilities against established standards.
- Maintains appropriate security documentation for applications and systems.
- Assists in the communication and implementation of components of the ESI security awareness program.
- Performs additional duties as assigned.
- Bachelor’s degree in computer related field
- Five to eight years of relevant working experience; at least 3 years of experience in IT Security
- Certification in information security (CISSP, CISM, or equivalent) preferred
- Familiarity with external regulations, e.g., DIACAP, HIPAA, Sarbanes-Oxley; Strong understanding of information security principles; Familiarity with domain structures, user authentication, and digital signatures; Understanding of data communication networks; Experience with security tools and systems; PC skills including knowledge of Microsoft Office
- Excellent organizational skills and ability to communicate with internal/external entities and executives a must; Effective leadership skills, demonstrated ability to coordinate people and teams to project/activity completion and the ability to work in a team environment, sharing workloads and responsibilities; Customer service-oriented; Ability to work in a flexible environment where requirements and procedures continuously evolve; Ability to multi-task and manage time effectively
Job CategoryInformation TechnologyPrimary LocationUnited States-Missouri-St. LouisWork LocationsSaint Louis, MO - HQ 4 - 8640 Evans8640 EvansSt. Louis63134
ScheduleFull-timeShift1st ShiftEmployee StatusRegularTravelNoWork From Home?No
Internal ID: REQ20007534