Information Security Risk Management Specialist

Harris is a leading provider of financial management and Customer Information Systems (CIS) software solutions; providing feature-rich and robust turnkey solutions to Public Sector, Schools, Utility, and Healthcare agencies throughout North America.

We are a financially strong, growing and stable company guided by our values to do the right thing when it comes to our customers, our employees, and our local communities.

At Harris, we offer employees the opportunity to learn and have fun, while empowering them to make a difference and directly contribute to the success of the organization! The Harris Corporate IT Team is seeking an Information Security Risk Management Specialist who will participate in evaluating, developing, and implementing security tools, standards, procedures, and guidelines for multiple platforms in diverse systems environments as needed.

As the Information Security Risk Management Specialist, you will utilize your wide area of expertise in risk management, security frameworks, regulatory compliance, cybersecurity, vulnerability management, disaster recovery and business continuity planning, incident management, and other areas to provide security support for the Harris group of companies.

You will analyze, montior, track, and report behaviors and tasks logged by assets (ie, applications, systems, networks) in the form of incidents to ensure Harris’ network and systems are protected from any potential leaks of information or malicious activities.

Routine tasks include analyzing and correlating event logs to help identify normal versus malicious activity in the network/domain and proactively monitoring cybersecurity and information technology infrastructure, including hardware, software, networks, applications and services.

  This position will communicate with the Corporate IT team, customer’s IT representatives, Managed Security Services and other appropriate areas, as deemed necessary.

What you'll do



* Perform risk and security assessments of applications, databases, and servers and supporting network technologies, such as routers, switches, access points, to identify, evaluate, and prioritize risks.


* Responsible for security controls, processes and architecture consultation, design and monitoring.


* Responsible for overall access control risk management including but not limited to auditing current access controls to identify potential risks, making recommendations for improvement in security and tracking remediation.


* Responsible for conducting risk assessments against various regulatory compliance such as HIPAA, PCI, etc.

and industry recognized security frameworks.


* Develop and execute corrective action and remediation plans for identified issues, risks or vulnerabilities.


* Analyze and assess security incidents and escalate incidents by following incident plan.


* Develop and maintain standard practices and procedures for appropriate response to identified threats.


* ...