• Bachelor's degree required. Major in Accounting, Computer Information Systems, or Management Information Systems is preferred.
• 5-8 years of experience in the areas of IT audit, corporate IT Audit, or technology risk consulting preferred.
• Strong verbal and written communication skills.
• Solid experience in planning engagements, managing IT audit projects, supervising personnel and developing audit work programs.
• Certified Information Systems Auditor (CISA).
• Travel expectations: up to 60%. This position may require national or international travel.
* Manages OLS information security processes, policies, and procedures including security monitoring, response and escalation processes.
* Manages the IT Security organizations change control processes and procedures.
* Recommends security and policy enhancements to executive management.
* Researches latest trends in information security.
* Performs annual risk assessment and communicate results to executive management.
* Responsible for all IT compliance and Information Security efforts. These include PCI-DSS, PA-DSS, HIPAA, HITRUST, SSAE16 SOC2 assessments.
* Tracking and scheduling all audits, reviewing and collecting exhibits, policy and procedure reviews, interacting with and supervising the QSA's while on site.
* Sets direction for all Information Security and compliance initiatives.
* Provides training, guidance, sets direction for all Information Security staff members.
* Maintain corporate security awareness programs including routine training and corporate wide phishing campaigns.
* Manages a team of 5 individual performers including mentoring, coaching and providing career advancement.
* Responsible for IT Security budget and fiscal year spending projections.
* 10 years in IT Security, preferably in a management role.
Bachelors degree required, Master’s preferred
* CISSP or CISM certification required.
* Working knowledge of encryption concepts.
* Working knowledge of HIDS, SIEM, antivirus, and vulnerability scanners.
* 5 years of PCI-DSS and SOC2 assessment experience.
* Innovative thinker with the ability to apply information security best practices to support the business and ensures compliance with PCI/PA-DSS and SOC2 requirements.
* Strong communication, collaboration and team-work skills.
* Self-starter who is resourceful and able to handle multiple projects simultaneously.
* A person that takes pride and ownership in their work.
* Technical background with good English writing skills.
* Located in Dallas Fort-Worth Area.
* Ability to work during off-hours as required.