Back to Job Search

Regional Information Security Officer

  • Location: Los Angeles, California, 90066
  • Job Type:Permanent

Posted 26 days ago

Our client is seeking a Regional Information Security Officer for a direct hire opportunity.  This resource can work remote, but must be okay with west coast hours daily. 

Key Responsibilities:

  • Participate in the design and deployment of new software systems, services, components, features, etc.
  • Perform information security audits for third party suppliers and vendors including support for RFPs and client audits
  • Participate in implementation and management of company security platforms such as endpoint protection, encryption, SIEM, CASB, perimeter controls and more
  • Develop appropriate plans to proactively mitigate potential security risks
  • Work with internal teams to identify and reduce weaknesses on a continuous basis
  • Help develop, maintain and enforce information security policies, standards, and procedures including incident investigations
  • Participate in training/awareness programs throughout the company to ensure all staff and appropriate contracted staff are aware of policies, common risks, and how to identify and respond to potential security incidents
  • Review and redesign existing workflows to create operational efficiencies
  • Maintain up to date knowledge of emerging security trends, risks, new guidance or standards (internal and external) and security enhancing technologies

Requirements for this position include: 

  • 5+ years experience with managing enterprise level security or 5+ years in a related role with increasing scope, responsibility, and complexity at a multinational company
  • College degree (BA or BS) Management Information Systems, Information Security, Information Technology, or related field
  • CISA, CISM, CRISC, CCSP certifications are preferred
  • Ability to cultivate relationships and act as a consultancy to varied stakeholders including cross-functional / peer relationships with diverse, global teams
  • Experience in project management and corporate security environment for a global company in such areas as policy creation, training / awareness, physical security controls, etc.
  • Technical audit experience such as PCI-DSS, NIST, OWASP, ISO27001, SOX, pen testing, etc. and ability to assess complex systems
  • Awareness of global data protection / privacy laws and regulations and risk management methodologies
  • Good understanding of security, administration, design, and implementation of operating systems and network security controls for both physical hardware and cloud-based SAAS / hosted solutions
  • Strong interest in and of understanding of infrastructure security concepts, cloud-based architecture, security controls and technologies, industry best practices, access controls, forensics and metrics
  • Advanced understanding of Microsoft 365