Business Unit Information Security Officer
Location: Myrtle Point
Posted on: May 6, 2021
Section 1: Position Summary This position will be responsible to
perform a variety of Information Security responsibilities across
Ascensus and as the primary resource for our Health Savings
business unit. The individual hired for this position requires a
passion for data protection, solid information security experience,
strong communication and organizational skills, collaborative
abilities, self-motivation, innovation, efficiency and attention to
detail. This position will report directly to the Ascensus Chief
Information Security Officer. Section 2: Job Functions, Essential
Duties and Responsibilities
- Responsible for protecting, securing, and proper handling of
all confidential data held by Ascensus to ensure against
unauthorized access, improper transmission, and/or unapproved
disclosure of information that could result in harm to Ascensus or
- Our I-Client service philosophy and our Core Values of People
Matter, Quality First and Integrity Always should be visible in
your actions on a day to day basis showing your support of our
organizational culture. Leading the Health Savings Business Unit on
all security needs:
- Subject Matter Expert (SME) on corporate security policies,
- Guiding teams on implementing information security best
- Provide BU security and compliance reporting to corporate and
- Responding to inquiries, audits, questionnaires and RFPs.
- Excellent writing skills and "executive presence" meet this
objective. Supporting Ascensus corporate security initiatives Each
BISO champions at least one corporate security program and
assisting as-needed in areas such as:
- Vulnerability management
- System Hardening
- Cloud security
- IT Compliance efforts and reporting
- Data Access Governance
- Identity and Access Management/Privileged Access
- Designing and implementing secure software development
- Developing and managing policies and procedures
- Anti-phishing & Email Security program
- Vendor compliance assessments and contract reviews
- Assessing and selecting security vendors or solutions based on
- Leading incident response events
- Managing and testing our control framework
- Support internal and external audits including SOC, regulatory
audits, or client initiated
- Assisting with risk assessments
- Assessing the viability and integrity of Disaster Recovery and
Business Continuity plans
- Participating, contributing, and collaborating with
- Developing, implementing, and enhancing security awareness
- Assist with other tasks and projects as assigned Section 3:
Experience, Skills, Knowledge Requirements
- 10+ years of experience in Information Security.
- Experience securing PHI (Protected Healthcare Information)
- Maintain and communicate knowledge of industry and new security
- IT Audit experience preferred.
- Knowledge of networking preferred.
- Expert level proficiency in MS Office software applications,
specifically Word, Powerpoint and Excel.
- Professional security certification, such as a Certified
Information Systems Security Professional (CISSP), Certified
Information Security Manager (CISM), Certified Information Systems
Auditor (CISA) or other similar credentials, is preferred.
- Bachelor degree or Associate degree plus equivalent work
- Knowledge of information security risks (technical,
administrative and physical), preventative measures, and incident
- Ability to identify, document, and recommend action on security
and compliance findings.
- Familiarity with security & privacy regulations/frameworks such
as NIST, ISO 27002, HIPAA, etc.
- Excellent written and oral communication skills. The ability to
communicate effectively (clear, concise and professionally) with
all levels within Ascensus, auditors and business partners.
- Highly organized and able to process and manage inventories of
controls and findings.
- Persistence and strength to champion initiatives.
- Excellent analytical and problem resolution skills.
- Self-starter and able to work independently on large
- Desire to learn and develop new knowledge and skills
- Ability to facilitate meetings, obtain feedback and coordinate
- Ability to manage concurrent projects. Ascensus is a place to
have a career, not just a job. As the largest US independent
retirement and college savings services provider, we put our focus
on people. Our culture is guided by sound principles, is committed
to high standards, operates with transparency, and welcomes
diversity. When you join our team, you get to go to work every day
knowing that you help over 10 million Americans save for retirement
and college. Ascensus provides equal employment opportunities to
all associates and applicants for employment without regard to
ancestry, race, color, religion, sex, (including pregnancy,
childbirth, breastfeeding and/or related medical conditions),
gender, gender identity, gender expression, national origin, age,
physical or mental disability, medical condition (including cancer
and genetic characteristics), marital status, military or veteran
status, genetic information, sexual orientation, criminal
conviction record or any other protected category in accordance
with applicable federal, state, or local laws ("Protected
Keywords: Ascensus, Medford , Business Unit Information Security Officer, Other , Myrtle Point, Oregon
Didn't find what you're looking for? Search again!