Information Security Officer (ISO)
Defense contractor involved with product development and manufacturing of various systems for military aerospace and vehicles in the Los Angeles International Airport area is searching for an experienced Information Security Officer. With a 50+ year foundation, The Marvin Group supports all branches of the Department of Defense and allies around the globe on an array of programs and platforms. We support many military prime contractors including Lockheed Martin, Northrop Grumman and Raytheon.
The Information Security Officer (ISO) provides the vision and strategies necessary to ensure the confidentiality, integrity, and availability of electronic information by communicating risk to senior administration, creating and maintaining enforceable policies and supporting processes, and ensuring compliance with regulatory requirements. To support these activities, the ISO coordinates activities with other departments, including the evaluation, procurement, and deployment of security-related products and develops and coordinates information security awareness and education programs. Additionally, the ISO ensures system-wide disaster recovery and incident response plans are in place.
- Creates information security strategies, both short-term and long-range, in support of corporate goals.
- Directs an ongoing, proactive risk assessment program for all new and existing systems and remains familiar with the corporate goals and business processes so effective controls can be put in place for those areas presenting the greatest information security risk.
- Oversees all activities related to the development, implementation, and maintenance of information security policies and procedures by ensuring these policies and procedures encompass the overall security of electronic information at rest or in motion within the corporate system. Assists departments in local process and procedure development, ensuring they are not in conflict with corporate policies.
- Ensures vulnerabilities are managed by directing periodic vulnerability scans of servers connected to corporate networks.
- Develops information security awareness training and education programs, works with other corporate entities to present them to staff, and participates in local, regional, and national awareness and education events, as appropriate.
- Acts proactively to prevent potential disaster situations by ensuring that proper protections are in place, such as intrusion detection and prevention systems, firewalls, and effective physical safeguards. Provides for the availability of computer resources by ensuring a business continuity/disaster recovery plan is in place to offset the effects caused by intentional and unintentional acts.
- Evaluates security incidents and determines what response, if any, is needed and coordinates corporate responses, including technical incident response teams, when sensitive information is breached.
- Remains competent and current through self-directed professional reading, developing professional contacts with colleagues, attending professional development courses, attending training, conferences, and/or courses as directed by the supervisor, and obtaining certifications relevant to job duties.
- Contributes to the overall corporate success by performing all other duties and responsibilities as assigned.
SKILLS / REQUIREMENTS
- A Bachelor’s degree is preferred, but very qualified candidates with a combination of equivalent education and experience will be considered.
- At least five (5) years of varied information technology experience is required. Applicable experience includes, but is not limited to, computer and networking infrastructure, operating systems, application software development, project management, regulatory compliance, risk management, and providing training.
- Two (2) years of direct experience in information security-related duties is required.
- Experience with NIST SP 800-171 and 800-53 preferred.
- Experience in a corporate setting is preferred.
- The ability to understand hardware and software systems is required.
- The ability to maintain confidentiality in regard to information processed, stored, or accessed by the systems is required.
- The ability to manage multiple concurrent projects and to reason analytically is required.
- The ability to work with and train people possessing differing levels of technical knowledge is required. Effective verbal and written communication skills and proficiency in writing technical specifications are required.
- The ability to develop knowledge of, respect for, and skills to engage with those of other cultures or backgrounds is required.
- Professional certification (CISSP, GIAC, CISA, CISM, etc.) is preferred.
- Must be able to speak/read/write English.
- Must be able to lift up to 35 lbs.
Interested parties, please send resume to firstname.lastname@example.org (include job title in email subject line) or Fax 310.671.1256. Visit us at marvingroup.com
The Marvin Group is an EEO/AA/Disability/Vets Employer.
Our company uses E-Verify to confirm the employment eligibility of all newly hired employees. To learn more about E-Verify, including your rights and responsibilities, please visit www.dhs.gov/E-Verify.
If you are an individual with a disability and require a reasonable accommodation to complete any part of the application process, or are limited in the ability or unable to access or use this online application process and need an alternative method for applying, you may contact Human Resources at 424.318.4631.