Search Non-profit Jobs

Search non-profit jobs:

Warning:

This page requires a viewport of at least 768px to display properly.
JOB POSTS

Information Security Officer

SOUTHWEST KEY PROGRAMS

Austin, TX, USA

Southwest Key Programs is looking for a part time Information Security Officer. This position may turn into a full time opportunity in the near future.

The Information Security Officer (ISO) provides the vision and strategy to ensure the confidentiality, integrity, and availability of Southwest Key Programs (SWK) electronic systems and information. The ISO collaborates closely with senior and executive leadership, and coordinates activities with other departments including HR, PQI, and Risk. Key responsibilities include creating and maintaining enforceable information security policies; ensuring compliance with regulatory requirements; evaluation, procurement, and deployment of security-related products; and developing and coordinating information security awareness and education programs. Additionally, the ISO will work in collaboration with the SWK Director of Risk to ensure that SWK system-wide disaster recovery and incident response plans are effective. The position may require more work hours than the normal eight-hour workday and also may require 20-25% travel.

Essential Functions:

  • Creates information security strategies, both short-term and long-term, in support of SWK’s goals.
  • Directs an ongoing, proactive risk assessment program for all new and existing systems and remains familiar with SWK’s business processes so effective controls can be put in place for those areas presenting the greatest information security risk.
  • Communicates risks and recommendations to mitigate risks to the executive team communicating in non-technical, relevant, cost/benefit terms so decisions can be made to ensure the security of information systems and information entrusted to SWK.
  • Oversees all ongoing activities related to the development, implementation, and maintenance of SWK’s information security policies and procedures.
  • Works with the SWK Privacy Officer to ensure full organizational compliance in securing PHI and PII.
  • Assists other departments including HR, PQI, and Risk, as well as programs, to ensure regulatory compliance including HIPPA.
  • Develops information security awareness training and education programs.
  • Ensures and tests that proper protections including intrusion detection and prevention systems, firewalls, and effective physical safeguards are in place and working as designed.
  • Performs risk assessments on a planned interval (quarterly) to review implemented processes to ensure the continuity, suitability and effectiveness of SWK’s approach to managing information security.
  • Performs vulnerability scanning on a re-occurring basis using specialized scanning tools and techniques that evaluates the configuration, patches, and services for known vulnerability is employed.
  • In collaboration with Risk, develops a business continuity/disaster recovery plan to provide for the ongoing availability of computer resources.
  • Defines and ensures that backup copies of information and software are completed on a routine schedule and tested regularly.
  • Evaluates security incidents and collaborates with the SWK Incident Response Team when sensitive information is breached.
  • Creates security categorization procedures to classify systems and information that is stored, processed, shared, or transmitted with respect to the type of data (e.g., confidential or sensitive) and its value to critical business functions are in place.
  • Defines position categorization or role based provisioning rules using least privilege model.
  • Performs system log monitoring to review audit logs, security events, system use, systems alerts or failures, etc.
  • Defines access controls and use policies and procedures to ensure appropriate use of computer assets to include but not limited to password, wireless access, remote access and mobile policies.
  • Defines boundary protection to protect and secure the network infrastructure and ensure transmission integrity and confidentiality.

Other Functions:

  • Remains competent and current through self-directed professional reading, developing professional contacts with colleagues, attending professional development courses, attending training, conferences, and/or courses as directed by the supervisor, and obtaining certifications relevant to job duties.
  • As a member of the SWK Operations Team, supports and contributes to the goals and objectives of the team.
  • Able to react to change productively and handle other essential tasks as assigned.

Qualifications and Requirements:

  • Bachelor’s degree required
  • Master’s degree preferred
  • Professional certification (CISSP, GIAC, CISA, CISM, etc.) preferred

Southwest Key Programs

Southwest Key Programs' mission is "Opening doors to opportunity so individuals can achieve their dreams." As a national, nonprofit organization, Southwest Key is committed to keeping kids out of institutions and home with their families, in their communities. We do this through three areas of programming: youth justice alternatives, immigrant children's shelters, and education.

HOW TO APPLY

Get jobs like this directly to your email!

Get the latest job postings sent directly to your email. Choose between a variety of filters to create a job alert matching your needs, and be the first one to be notified about new job posts.

Create a Job Alert