Information Security Program Administrator

Eclaro was founded on the premise that securing the Right Talent is the key differentiator in a competitive global arena.?To thrive in a dynamic global economy, corporations must have the ability to adjust their resources to meet the demands of new opportunities and peak periods, and to access talent not otherwise available in the most cost effective manner possible.

Eclaro is currently looking for an Information Security Program Administrator to support a client in Menlo Park CA. This role will be responsible for administering the security exception program and directly evaluating exception requests. The Security Program Administrator will support the security review program, provide security reviews and will coordinate and administer the security awareness and training programs.

• Administer Information Security Review and Policy Exception Evaluation programs.
• Evaluate requests for exception to established security policies, guidelines and standards.
• Perform information security reviews of vendor software, solutions and services to assess risk imposed and compliance levels against regulatory (HIPAA, PCI, etc.), department policies, guidelines and standards.
• Initiate, facilitate, and promote activities to create information security awareness within the organization.
• Manage the information security department website, providing updates, announcements, etc. to the site.
• Present on information security awareness topics and leads the security liaison program
• Coordinate and execute IT Security projects;
• Perform other duties as assigned.

Education:

• BA or BS in Computer Science, Management Information Systems, or related field, from an accredited college or university. CISSP, GIAC, or other security certifications preferred (willingness to obtain CISSP within first year is desirable).

Knowledge, Skills, and Abilities:

• 3+ years or more experience in Information Security with at least 2+ years administering information security, risk management, and privacy practices.
• Understanding of different levels of risk tolerance and risk exposure across the organization.
• Strong leadership skills with demonstrated ability to prioritize and execute in a methodical and disciplined manner.
• Ability to use independent judgment to make sound, justifiable decisions and take action to solve problems.
• Customer-focused mindset, with demonstrated skill in managing expectations, providing proactive status updates, and producing high-quality work product.
• Knowledge of information security standards (e.g., ISO 17799/27002, etc.), rules and regulations related to information security and data confidentiality (e.g. HIPPA, PCI, DSS, etc.)
• General desktop, server, application, database, and network security principles for risk identification and analysis.
• Strong analytical and problem solving skills are required.
• Excellent communications (oral, written, presentation), interpersonal and consultative skills will be needed in order to succeed.
• This position may require availability during off-hours for participation in scheduled and unscheduled activities.
• Ability to plan, organize, prioritize, work independently and meet deadlines.
• Ability to work in a collaborative, team environment.
• Knowledge of local, state and federal regulatory requirements related to areas of functional responsibility.