Information Security - Eateam : Job Details

Greetings, My name is Sean and I'm an IT recruiter at EA Team Please find the job description below. If you think this is a good match, please send me your updated resume and a good time to reach you. If this role is not a fit, please feel free to share this with your friends or colleagues who might be a fit. Referrals are always welcome :) Information Security/Protection engineer ---Hybrid role in Rochester, NY ---12+Months Information Security/Protection engineer Hybrid role in Rochester, NY Duration: 12+Months 12 months Hybrid, Rochester, NY - must be onsite 2 days a week Local candidates given first preference Max rate $45.00 -per hour on a W2 or $50 per hour on a C2C (if you have your own corporation) Client is a university in Rochester NY Location: Hybrid work based in 1 Lomb Memorial Dr. Rochester, NY 14623 Title: Information Protection Engineer Top 3 7+ years of experience in information security, particularly in security reviews and GRC compliance using a tool like Eramba or other 7+ years of experience developing and enforcing security policies and procedures 7+ years of working experience with SOC 2 compliance framework Contract length: 12 months to start (possible extensions) Job Description: Ideal candidate will have a strong background in information security and a CISSP certification. This role focuses on security reviews, Security Policy Development and optimization. GRC compliance, and driving NIST compliance within our GRC platform Eramba. This role is critical to the organization ensuring sensitive data is private and secure. Key Responsibilities: Security Measures: Design and implement security protocols to protect data, networks, and systems. Regularly test and update these protocols to ensure maximum effectiveness. InfoSec Policy Development: Develop, document, and enforce security policies and procedures. Regularly review and update policies to reflect new threats and compliance requirements. Ensure policies align to SOC2 Compliance and other industry standards. Vulnerability Assessments: Conduct regular assessments to identify and mitigate security weaknesses. Provide detailed reports and recommendations based on assessment findings. Particularryly evaluating SaaS products and services the organization may interact with. Security Architecture: Design and maintain the security architecture of the organization. Collaborate with other IT teams to integrate security measures seamlessly. GRC Platform Management: Work within our GRC platform (Eramba) to help drive NIST compliance. Ensure all compliance activities are tracked and reported accurately, and provide guidance on best practices. SOC 2 Compliance: help organizations maintain a robust security posture and ensure the protection of sensitive data Qualifications: CISSP certification required, but I will try those without. Good communication and written communication skills to properly and effectively communicate security risk to non-IT business partners Proven experience in information security, particularly in security reviews and GRC compliance. Strong understanding of NIST frameworks and standards. Excellent analytical and problem-solving skills. Ability to develop and enforce security policies and procedures. www.eateam.com Sean Wright Sr Technical Recruiter 732-###-#### 7 32-339-0039 [email protected] EATEAM INC | 2 Kilmer RD |Edison NJ 08817| United States