Information Security Compliance Officer
IT & IS | Remote in Stanford, CA | Full Time, Contract, and Temporary | From $140.00 to $140.00 per hour
Job Description
Information Security Compliance Officer 1500193
- Hourly pay: $140/hr
- Worksite: Leading medical institution (Stanford, CA 94305 - Open to remote candidates in the United States)
- W2 Employment, Group Medical, Dental, Vision, Life, Retirement Savings Program
- 40 hours/week, 12 Month Assignment
A leading medical institution is seeking an Information Security Compliance Officer to lead initiatives to protect our digital resources, develop and implement innovative security strategies to effectively mitigate risks, and maintain a secure and resilient environment for education, research, and healthcare.
Information Security Compliance Officer Responsibilities:
- Lead the overall NIST readiness effort to support the research community, with a particular focus on compliance with NIH requirements, Cybersecurity Maturity Model Certification (CMMC), and NIST SP 800-171 standards.
- Execute a comprehensive strategy to prepare the university for an increasing number of security audits and evolving regulatory requirements, emphasizing compliance with CMMC, NIH, and NIST SP 800-171.
- Develop frameworks that not only meet current cybersecurity standards but also anticipate emerging challenges in the landscape of research-related security.
- Coordinate efforts across various departments to establish and maintain a robust compliance framework.
- Identify and analyze the university's existing security posture and determine gaps that may hinder compliance.
- Develop, maintain, and enforce information security policies, procedures, and standards in line with industry regulations, best practices, and the organization's risk management program.
Information Security Compliance Officer Qualifications:
- 7+ years of experience in information security, risk management, or compliance.
- A bachelor’s degree.
- Experience in higher education.
- CMMC level 1 and level 2 experience.
- Extensive policy/standards creation experience.
- Proven experience in information security, risk management, and compliance with a focus on establishing robust security frameworks.
- In-depth understanding of industry standards and regulations, particularly NIST & HIPAA.
- Strong analytical and critical thinking skills, with a demonstrated ability to identify, assess, and mitigate complex security risks effectively.
- Significant experience in leading security audits, risk assessments, and vulnerability assessments to ensure compliance and enhance security measures.
- Comprehensive knowledge of security technologies, including encryption methods, firewalls, intrusion detection systems, and Security Information and Event Management (SIEM) solutions.
- Multiple years of experience in a leadership role within a cybersecurity, information security, or compliance-related team, demonstrating the ability to guide and mentor junior staff while driving compliance initiatives.
- Exceptional capability to convey complex technical concepts in accessible language to diverse audiences, ensuring effective communication with stakeholders at all levels of technical expertise.
- Strong commitment to professional development and staying current with the latest security threats, technologies, and evolving industry regulations to inform compliance strategies.
Shift:
- M-F business hours.
