Information Security Officer (40633)

Posted: 03/05/2023

We are looking for an experienced Information Security Officer open to an opportunity in the Des Moines metro area. This is a chance for someone to work for a unique client unlike any in Des Moines. This individual will be responsible for overseeing information security, cybersecurity, and IT risk management programs. Interested in learning more or getting involved in our opportunities? Contact us for specifics!

  • Coordinate the development, implementation, and updating of security and privacy policies, standards, guidelines, baselines, processes, and procedures
  • Develop and manage the frameworks, processes, tools, and consultancy necessary for IT
  • Identify and mitigate IT risks
  • Assist with audits and facilitate management response and remediation efforts
  • Ensure overall IT compliance with regulatory requirements
  • Identify acceptable levels of residual risk and assist with action plans, policy, and procedural changes for risk mitigation
  • Improve project results, quality of deliverables, risk optimization, security processes, and compliance with regulations
  • Receive allegations of security incidents and conduct complex investigations
  • Coordinate information security incident response and reporting for events or exploited vulnerabilities
  • Act as ombudsman for disputes, requests for exceptions, and complaints regarding company-wide information systems security policies, practices, and related issues
  • Able to provide in-depth analysis of complex problems, manage risk and provide timely and accurate decisions
  • Experience in risk and information security policy development
  • Understanding of banking, corporate/industry information security, governance, risk and compliance practices and standards
  • Knowledge of laws and regulations including Gramm-Leach-Bliley (GLB) Act and Sarbanes-Oxley
  • Knowledge of IT processes and controls
  • Strong understanding of risk and control frameworks such as ISO, NIST, ITIL, PCI
  • Knowledge of information security regulatory requirements and standards
  • Certified Information Systems Security Professional (CISSP) or other information systems security certifications
  • Excellent organizational and communication skills

Work Model:

  • On-Site

Position Type: Full-Time