Information Security Governance Specialist

​

Description

Overview

Harris is a leading provider of financial management and Customer Information Systems (CIS) software solutions; providing feature-rich and robust turnkey solutions to Public Sector, Schools, Utility, and Healthcare agencies throughout North America.

We are a financially strong, growing and stable company guided by our values to do the right thing when it comes to our customers, our employees, and our local communities.

At Harris, we offer employees the opportunity to learn and have fun, while empowering them to make a difference and directly contribute to the success of the organization!

The Harris Corporate IT Team is seeking an Information Security Governance Specialist who will provide risk management and governance oversight to ensure security controls and processes are appropriate to minimize risks and meet regulatory compliance requirements.

As the Information Security Governance Specialist, you will utilize your wide area of expertise in risk management, cybersecurity, vulnerability management, information security governance, incident management, security frameworks and other areas to provide security compliance oversight for the Harris group of companies.

This position will communicate with the Corporate IT, Legal and Compliance teams, customer’s IT representatives and stakeholders, and other appropriate areas, as deemed necessary.

Duties


* Assist with the management of and participates in the information security, governance, and risk management programs according to established policy requirements.


* Monitor the information security, governance, and risk management programs to ensure organizational controls and processes are appropriate to minimize security risks and to ensure compliance with various security standards and regulatory requirements.


* Assist with the development, maintenance and publishing of up-to-date information security policies, standards, and guidelines.


* Advise executive leadership and provide oversight of policies, standards and procedures related to information security and regulatory requirements as it relates to security controls and processes.


* Lead and/or participate in various steering committees and other groups as appropriate.


* Assist with the development of and oversee effective disaster recovery policies and standards to align with enterprise business continuity management program goals.


* Responsible for conducting risk assessments against various regulatory compliance such as HIPAA, PCI, etc.


* Perform risk and security assessments of applications, databases, and servers and supporting network technologies, such as routers, switches, access points.


* Participate in annual security audits, incident response exercises, security reporting, audit, and compliance support.


* Develop and execute corrective action and remediation plans for identified issues, risks, or vulnerabilities.


* Assess potential risks and vu...