project44 is maturing its information security program and is looking for an information technology and security professional to drive the growth and establishment of the information security management system.
The company’s goal is to establish the appropriate policies, practices and controls to achieve a SOC 2 Type 1 certification by the end of 2019. We will follow this with SOC 2 Type II and, likely, ISO 27001. The implemented controls should follow the NIST standards and guidelines.
- Build the project plan for obtaining SOC 2 certification and ensure GDPR compliance
- Define SOC 2 Scope
- Identify necessary Policies, Practices and Controls required
- Build out Company Risk Register
- Establish the security program including regular security risk reviews, project updates and executive briefings
- Work with the revelant teams in the organization to plan, prioritize and implement necessary controls
- Research potential solutions to controls and recommend solutions.
- Assist with implementing controls when possible.
- Schedule and coordinate third party security assessements.
- Manage the preparation of all materials for assessments and the follow up and response.