Student Veterans of America Jobs

Welcome to SVA’s jobs portal, your one-stop shop for finding the most up-to-date source of employment opportunities. We have partnered with the National Labor Exchange to provide you this information. You may be looking for part-time employment to supplement your income while you are in school. You might be looking for an internship to add experience to your resume. Or you may be completing your training and ready to start a new career. This site has all of those types of jobs.

Here are a few things you should know:
  • This site is mobile friendly. You do not need a log-in or password to access information.
  • Jobs on this site are original and unduplicated and come from three sources: the Federal government, state workforce agency job banks, and corporate career websites. All jobs are vetted to ensure there are no scams, training schemes, or phishing.
  • The site is refreshed daily to remove out-of-date content.
  • The newest jobs are listed first, so use the search features to match your interests. You can look for jobs in a specific geographical location, by title or keyword, or you can use the military crosswalk. You may want to do something different from your military career, but you undoubtedly have skills from that occupation that match to a civilian job.

Job Information

CGT Staffing Information Security - Compliance Manager in Pittsburgh, Pennsylvania

Information Security Compliance Manager

Direct Hire

Hybrid Schedule

Qualifications:

  • Bachelor's degree in information technology, computer science, or a related field.
  • 5 years minimum experience
  • Relevant certifications such as CISA, CISSP or CRISC
  • Experience in conducting compliance assessments and audits.
  • Experience in IT compliance, risk management, or related roles.
  • Expertise in IT processes, controls, and security best practices.
  • Solid understanding of IT compliance frameworks, regulations, and industry standards such as GDPR, HIPAA, COBIT, ITIL, PCI-DSS, ISO 27001, and NIST Cybersecurity Framework.
  • Strong understanding of security controls and their implementation across different IT domains.
  • Familiarity with vulnerability management, access management, change management, and incident response processes.
  • Proficiency in risk assessment methodologies and tools.
  • Knowledge of secure coding practices and application security concepts.
  • Understanding of network security architecture, protocols, and configurations.
  • Familiarity with cloud security concepts and technologies.
  • Understanding of encryption technologies and cryptographic protocols.
  • Experience using compliance management and GRC (Governance, Risk, and Compliance) tools.
  • Ability to analyze complex compliance issues, assess risks, and provide effective solutions.

Primary Responsibilities:

  • Provide leadership to the information security team, setting clear goals, expectations, and performance standards.
  • Provide ongoing training and professional development.
  • Conduct regular performance evaluations, provide constructive feedback, and recognize outstanding contributions.
  • Address performance issues promptly and fairly, implementing corrective actions as needed to maintain a high-performing team.
  • Promote knowledge sharing and collaboration within the information security team and across the organization.
  • Facilitate the exchange of best practices, lessons learned, and emerging trends in cybersecurity to enhance overall security posture.
  • Recruit, onboard, mentor, and train new members of the information security team, ensuring they have the necessary skills and knowledge to excel in their roles.
  • Develop and implement succession plans to ensure continuity of leadership and talent within the information security team.
  • Identify high-potential team members and provide opportunities for career advancement and leadership development.

Compliance Program Development:

  • Lead the development and implementation of the IT compliance program, including policies, procedures, and controls.
  • Stay current on relevant laws, regulations, and industry standards. Provide informed recommendations to ensure ongoing compliance.
  • Collaborate with stakeholders to identify compliance requirements and integrate them into IT processes and systems.

Compliance Assessments and Audits:

  • Conduct regular (at least annual) internal assessments and audits to evaluate IT systems, processes, and controls for compliance with regulatory requirements and internal policies.
  • Manage and continually improve the organization's response to external audits and assessments, ensuring timely and accurate responses to audit requests.
  • Develop standardized responses to external information security audit, assessment, and due diligence questionnaires and requests, ensuring efficient and timely responses to external stakeholders.
  • Develop, organize, and maintain the documentation and other assets required to demonstrate control implementation and effectiveness on an ongoing basis. Collaborate with internal stakeholders as needed to support this activity.
  • Identify control deficiencies, recommend remediation actions, and monitor the implementation of corrective measures.

Policy and Procedure Development:

  • Collaborating with relevant stakeholders, contribute to the development and maintenance of IT policies and procedures, ensuring they align with regulatory requirements and industry best practices.
  • Communicate IT security policies and procedures to employees to promote awareness and compliance.
  • Regularly review and update policies and procedures to reflect changes in regulations or business requirements, ensuring they remain up-to-date and relevant.

Third-Party Risk Management:

  • Ensure compliance of third-party suppliers with applicable regulations and information security standards.
  • Conduct due diligence assessments and ongoing monitoring of third-party compliance.
  • Oversee team that will establish processes for monitoring and addressing non-compliance or security incidents involving third parties.
  • Assess and manage the risks associated with third-party relationships, including information security risks and data privacy risks.
  • Collaborate with procurement and legal teams to ensure compliance requirements are incorporated into vendor contracts and service level agreements.

Compliance Monitoring and Reporting:

  • Oversee team that will establish processes to track compliance with IT policies, standards, and controls.
  • Provide updates to senior management on the organization's compliance posture and remediation efforts. Communicate areas of non-compliance, potential risks, and recommended actions.

Compliance Training and Awareness:

  • Oversee team to help develop and deliver IT compliance training programs to educate employees on regulatory requirements, industry standards, and best practices.
  • Stay informed about emerging compliance trends and technologies and provide recommendations for continuous improvement.
  • Promote a culture of compliance and security across the organization.
  • Provide guidance to business units on compliance-related matters.

IT Controls Assessment and Risk Management:

  • Evaluate the design and effectiveness of IT controls to mitigate risks and ensure compliance.
  • Assist in the development and implementation of risk management frameworks and methodologies.
  • Collaborate with IT teams to identify and remediate control gaps or weaknesses.

     
