Job Description
Job DescriptionWe are looking for an experienced IT Security Specialist to join our team on a long-term contract basis in Deerfield Beach, Florida. In this role, you will focus on ensuring compliance with security policies, regulatory standards, and industry best practices by conducting risk assessments, managing vendor relationships, and collaborating across departments. This position offers an excellent opportunity to contribute to a robust security framework while optimizing compliance processes.
Responsibilities:
• Conduct comprehensive risk assessments on internal systems, third-party vendors, and external applications to identify gaps and ensure adherence to security policies.
• Support compliance programs, including evidence collection, audit readiness, and remediation related to frameworks such as ISO 27001, SOC 1/SOC 2, and others.
• Perform IT control testing, privacy assessments, and vulnerability reviews to maintain compliance with regulatory standards.
• Collaborate with cross-functional teams, including IT, Legal, Compliance, and Procurement, to draft and review security clauses in vendor agreements.
• Manage and update the risk register, tracking issues from identification to resolution.
• Act as a key point of contact for external auditors and regulatory bodies, facilitating compliance reviews and providing necessary documentation.
• Develop and refine policies, processes, and operational runbooks to enhance risk management and compliance efficiency.
• Prepare detailed risk and compliance reports for leadership, including dashboards to ensure transparency and accountability.
• Utilize tools such as Archer or ServiceNow to streamline compliance and risk management activities.• Bachelor’s degree in Computer Information Systems, Information Security, or a related field.
• A minimum of 3–5 years of experience in information security compliance, IT audit, or risk management.
• Strong understanding of compliance frameworks such as ISO 27001, SOC 1/SOC 2, and similar standards.
• Proven ability to conduct vendor risk management, IT controls testing, and issue remediation.
• Excellent communication skills, with the ability to present findings clearly to stakeholders and executive leadership.
• Industry certifications such as CISSP, CISA, or similar are highly preferred.
• Familiarity with tools like Archer or ServiceNow is an advantage.
• Solid knowledge of data privacy, database security, cyber governance, and IT risk management principles.