Information Security Compliance Specialist (InfoSec)
Description
Biote Medical is the world leader in hormone optimization and we are adding to our team! We partner with providers to take a complete approach to healthier aging through patient-specific bioidentical hormone replacement therapy and the only nutraceutical line created specifically to support hormone health.
We are currently looking for an InfoSec Compliance Specialist to join our team Irving, TX.
Summary
The Information Security Compliance Specialist is responsible for understanding, designing, and managing policies and procedures for company security standards. Ability to own responsibility for vulnerabilities, risk management, and compliance requirements. Great communication skills are a must, as this position works directly with business units, legal, and IT teams to make the best decisions meeting regulatory requirements and internal governance.
As the InfoSec Compliance Specialist, you will be responsible for the following functions:
- Implementation and management in one of the following areas: SOX, NIST, PCI, TxRAMP, and SOC
- Managing common controls across different frameworks and regulations.
- Experience collaborating with cross functional teams to achieve the same strategy in each governance or compliance standard.
- Creating KPI’s and critical success factors and managing process for groups to meet requirements and accepting of new standards inside an ever-changing company.
- Evaluation and guidance of all IT compliance requirements for the organization.
- Provides understanding of company policy and regulatory requirements for the organization.
- Ensures that solutions suggested will meet the policy or regulatory requirements.
- Determines all documentation needs for solutions and risk.
- Assess and manage the employee IT security program for all IT security requirements.
- Applies proper risk management and solutions direction for overall IT security programs for current and future business strategy.
- Ensures adequate risk documentation of security strategy with alignment to business strategy.
- Ability to identify, investigate, and report all compliance issues.
- Manage change management process to evaluate risks of changes to production environment and IT/business processes.
- Audit all internal governance via policy and regulatory requirements based on all regulatory statutes required to adhere to.
- Provide dashboard of current and future compliance requirements and status.
- Manage IT reporting functions for compliance, regulatory, internal governance, and information security.
- Create and distribute Executive Summary reporting for board and executives.
- Creation and implementation of policies and procedures as company processes and systems change to meet all compliance and governance.
- Manages risk for the company via NIST frameworks
As the InfoSec Compliance Specialist, your background should include:
- Bachelors degree in Computer Science or equivalent degree or experience.
- 5+ years relevant work experience
- CISM or CISA certifications preferred
- Vanta, Microsoft Azure, OneDraw experience preferred
- Administration of GRC tool writing and managing controls required
- Collaboration…
- NIST risk management experience preferred. COBIT or equivalent experience accepted
If you're interested in this awesome opportunity, please apply today!