Specialist, Information Security Compliance-Meijer

Job Description

Job Title: Specialist, Information Security Compliance

Company: Meijer

Location: Grand Rapids, MI

Pay:

AI Pay Analysis: To effectively analyze the hourly rate for the “Specialist, Information Security Compliance” role in Grand Rapids, MI, it’s important to compare it to industry standards and regional salary averages. Typically, information security compliance specialists in the U.S. earn between $30 to $60 per hour, depending on experience, certifications, and the specific demands of the role. Grand Rapids may be slightly lower than larger metropolitan areas but should reflect similar trends. If the offered rate is within this range, it can be considered competitive for the area, particularly if the position includes comprehensive benefits or opportunities for growth. However, if the rate falls significantly below this range, it might be less desirable compared to other locations or roles in the same field. A further review of job boards, company postings, and local salary surveys would provide a clearer picture of the competitiveness of the offered rate.

Job description:
As a family-owned organization, we prioritize serving individuals and communities. At Meijer, we offer career and community opportunities that emphasize leadership, personal growth, and development. We invite you to join our family and take charge of both your career and community!

Meijer Rewards:
– Weekly pay
– Flexible scheduling
– Paid parental leave
– Paid education assistance
– Team member discount
– Development programs for career advancement

We encourage you to review the job profile below and apply today! This role offers the potential for remote work if you reside in one of our six designated states: Michigan, Indiana, Illinois, Ohio, Wisconsin, or Kentucky. Please note that this position does not provide sponsorship, including for OPT Student Visas.

What You’ll Be Doing:
– Develop, implement, and oversee a strategic, comprehensive enterprise information security compliance program.
– Ensure that the IT infrastructure aligns with industry standards and compliance regulations.
– Collaborate with IT and business stakeholders to understand requirements and ensure compliance without disrupting business operations.
– Conduct regular audits and risk assessments to identify vulnerabilities and resolve non-compliance issues.
– Coordinate with external auditors and consultants for external security audits.
– Prepare and document standard operating procedures and protocols.
– Design and deliver educational programs to enhance organizational understanding of relevant laws and regulatory requirements.
– Respond to security breaches, identifying root causes to prevent future incidents.
– Stay informed on the latest security technologies, practices, and compliance regulations.
– Lead efforts to identify securable resources, mentoring business staff in selecting appropriate resource owners.
– Collaborate with resource owners to establish suitable security policies for securable resources.
– Consult with IT technical services staff to evaluate, select, install, and configure security-oriented hardware and software systems.
– Mentor and guide resource owners and IT staff in addressing security audit failures reported by internal and external auditing teams.
– Advise security administration personnel on the standard and exceptional processing of security authorization requests.
– Determine appropriate documentation levels, maintaining security policies and resource classification schemes. Present information on security status, project status, and security training to diverse audiences as needed.
– Actively safeguard the integrity, confidentiality, and availability of information managed or processed by the company by promptly responding to information asset losses or misuse; leading investigations of suspected security misuse or compliance reviews; and communicating unresolved security exposures or non-compliance situations to management.
– Consult with IT management regarding the selection and use of realistic enforcement mechanisms.
– Oversee the review of security policies and resource classification schemes, keeping management updated on project status.
– Provide technical expertise and guide the administration of security tools that monitor information security, including maintenance of access control tables, user logon setups, and password management.
– Research, define, develop, and maintain effective disaster recovery plans, processes, and procedures for service recovery in the event of a declared disaster.
– Assess, design, test, recommend, and plan the implementation of new or improved information security software or devices.
– Analyze new software applications or tool implementations for their impact on existing security software and devices.
– Develop training curricula for information owners on necessary computer security controls or new/upgraded security software and devices.
– Conduct information security educational programs, including awareness seminars and workshops.
– Maintain a technical reference library, creating materials and workshops on emerging areas for IT as appropriate.

This job profile is not exhaustive of all responsibilities; additional duties may be assigned as needed.

What You Bring with You (Qualifications):
– Bachelor’s degree in Computer Science, Information Technology, or a related field.
– Professional certification, such as CISSP, CISA, CISM, SANS GIAC, or other industry-specific certifications.
– A minimum of 5 years of experience in Information Security.
– Over 6 years of IT experience with comprehensive exposure to business planning, systems analysis, security solutions, application development, and infrastructure support.
– Experience in IT must encompass systems analysis, security solutions, application development, and infrastructure support.
– Extensive knowledge of PCI, HIPAA, URAC, CTPAT, and other relevant compliance frameworks.
– Familiarity with information security standards, including NIST, CIS, ISO 27001, and ITIL.
– Experience as an IT auditor is a significant advantage.
– Strong understanding of IT systems, architecture, and the security aspects of compliance.
– Exceptional communication and leadership abilities.

Job Posting Date: Wed, 13 Nov 2024 05:01:52 GMT

Apply now!