Informations principales

Les informations sur l’entreprise sont accessibles aux utilisateurs abonnés sur freelance.ca.

IT Security and Compliance Lead - REMOTE (1673)

Poste: Non spécifié

Début: Dès que possible

End: Non spécifié

Lieu: , Canada

Type de collaboration: Projet seulement

Taux horaire: Non spécifié

Dernière mise à jour: 30 sept. 2024

Description et exigences de la tâche

NOTE: 100% REMOTE within Canada, work in EST time zone Mon-Fri 9AM-5PM.

TYPE: 6-Month Contract, 8 hours/day, 40 hours/week

SKILLS: 5+ years of experience in IT security, compliance, strong background in managing and leading compliance initiatives, vulnerability management, patching processes, Agile methodologies, team lead, CISSP, CISM, CISA

INDUSTRY: Healthcare

DESCRIPTION:

The IT Security and Compliance Lead is responsible for leading and overseeing all aspects of IT security and compliance within the organization. This includes leading projects aimed at ensuring compliance with industry regulations, managing server and application vulnerabilities, coordinating penetration tests, and maintaining detailed inventories of servers and applications. The ideal candidate will have strong project management skills, a deep understanding of IT security principles, and experience with compliance standards.

RESPONSIBILITIES:

1. Project Management for Compliance Initiatives:

Lead and manage compliance projects to ensure adherence to industry regulations and standards.
Coordinate with cross-functional teams to implement and track compliance measures.

2. Server OS/Library Vulnerabilities Management and Coordination for Patching:

Identify and assess vulnerabilities in server operating systems and libraries.Plan, coordinate, and oversee the patching process to address these vulnerabilities.
Ensure timely application of patches while minimizing disruptions.

3. Initiating Security by Design Activities:

Integrate security best practices into the design and development of new and existing applications.
Ensure all applications comply with security standards and regulatory requirements from the outset.

4. Planning, Coordinating, Monitoring, and Collaborating for Penetration Tests:

Organize and oversee penetration testing for portfolio applications.
Collaborate with internal and external teams to identify and remediate vulnerabilities found during testing.

5. OS Version Upgrade Path:

Develop and manage a comprehensive roadmap for upgrading operating systems.
Ensure compatibility and minimal disruption during upgrades.

6. Server Inventory Management:

Maintain a detailed inventory of all servers, including configurations, locations, and statuses.
Ensure the inventory is up-to-date and accurate.

7. Application Inventory Management:

Keep an up-to-date inventory of all applications within the organization.
Document key details such as application versions, dependencies, and compliance statuses.

REQUIREMENTS:

Bachelor's degree in Information Technology, Computer Science, or a related field.
5+ years of experience in IT security, compliance, or a related role.Strong project management skills with the ability to lead and manage multiple projects simultaneously.
Deep understanding of IT security principles and practices.Proficiency in vulnerability management and patching processes.Experience with penetration testing and vulnerability remediation.Excellent documentation and inventory management skills.Strong communication and collaboration abilities.

Relevant certifications such as CISSP, CISM, or CISA are highly desirable.

Catégorie

IT consulting