Information Systems Security Officer - New Hampshire Retirement System - Concord, NH | JobsInNH.com
Click Here For Career Advice and Articles

Information Systems Security Officer

New Hampshire Retirement System | Concord, NH 03305

New Hampshire Retirement System

SCOPE OF WORK:

The Information Systems Security Officer is responsible for researching, developing, implementing, testing and reviewing NHRS’ information security in order to protect information and prevent unauthorized access. This positon also supports security initiatives and NHRS policy adherence and awareness efforts and provides security expertise to business units and key stakeholders.
 

ACCOUNTABILITIES:

  • Using the Risk Management Framework of record, conduct assessments of information security controls in order to measure the effectiveness of controls and identify control gaps. 
  • Identify, assess, and prioritize identified risks, collect evidence, artifacts, and document findings to support conclusions, report on compliance with internal policies, controls, and standards, and provide recommendations for remediation of identified deficiencies.
  • Manage remediation efforts and report on the status of control deficiencies, this will include working with external partners.
  • Ensure compliance to guidance and standards such as NIST Publications, NHRS policies and procedures, and other industry best practices.
  • Coordinate third-party risk assessments and IT audits.
  • Manage security awareness training using NHRS approved software, and coordinate with third parties for onsite trainings and HR for tracking.  Training includes quarterly office testing.
  • Enforce policy adherence and manage formal policy exception requests.
  • Provide timely status updates/reporting on assessments and assigned projects.
  • Provide back up and assistance to others on the team, which include roles in Network and Server administration, and help desk duties.
  • Other appropriate and related duties as assigned by supervisor.

MINIMUM QUALIFICATIONS:
 

Education:  Bachelor’s degree in Computer Science or a related engineering field with training in information security.  Master’s Degree in Computer Science or Business preferred.

Experience:  10+ years’ experience in Information Security. 5+ years’ experience building and managing Windows server platforms. Experience using security scanners and remediating vulnerabilities, or similar tools. Experience in creating and maintaining minimum-security configuration baselines for Windows platforms and applications (i.e., Minimum Benchmarks: STIGS, US-CERT). Experience reviewing system logs for potential intrusions and policy violations, working with SIEMs is a plus.

 

License/Certification:  Valid driver’s license preferred.
 

PHYSICAL REQUIREMENTS:

  • This position requires sitting (80%), standing (5%), and walking (15%). 
  • Requires lifting materials of approximately 20-25 lbs.
  • Often requires computer responsibility, which involves extensive use of keyboard, mouse and monitor.
     

 WORK ENVIRONMENT/CONDITIONS:

  • Dayshift hours primarily, although overtime may be required in meet project deadlines.
  • Physically able to participate in training sessions, presentations, and meetings.
  • Work related assignments on weekends are possible

Posted On: 12/14/182018-12-14
Closing Date: 01/16/192019-01-16
Telecommute: No
Categories: Accounting
Job Type: Regular
Job Status: Full Time
Travel: No Traveling
Career Level: Senior Level (10+ years experience)
Minimum Degree: Bachelor's Degree
Pay Type: Hourly Wage
Similar Jobs: Within 25 miles of 03305, Accounting

To apply, fill out the information and click Apply Now

NOTE: once you apply you will receive an email with instructions for activating your account. You must activate your account to continue to use this email address for applications.