Job Description
Are you a security professional or auditor with a strong technical understanding of IT controls? If so, and you have experience with the HITRUST CSF, we have a great opportunity for you.
Security Assessors work with Senior Assessors to support and complete complex HITRUST assessments, cybersecurity risk assessments, and consultations. Successful candidates must possess technical knowledge, risk management, and project management experience, as well as exhibit maturity, confidence and strong communication and time management skills.
Requirements:
- Minimum of 2 years in Information Security, Cybersecurity Audit and or Compliance
- More than 2 years of experience in roles specific to technical controls
- Knowledge of and demonstrated practical experience preferred includes:
- Security architecture
- Configuration management
- Vulnerability management
- Policy and procedure development
- Writing detailed technical reports and Executive Summaries
- Project management and best practices including time management, delivery, and communications
- Strong written and oral communication skills
- Ability to translate technical knowledge to non-technical audiences
- Experience with both client and executive communications
- Mandatory Professional certification: CISA
- Preferred but Optional Professional certifications: HITRUST CCSFP, and ISC² CISSP
- Bachelor’s degree, preferably in Information Technology, Computer Science, or Business; or equivalent experience required. Drummond will evaluate the accreditation status of the universities and the accreditation status of the degree conferred
- Candidate will be able to work remotely
- Candidates will not be expected to travel
This is a remote, Full-Time position.
Background
Founded in 1997, Drummond, is focused on delivering IT security, operational risk, and regulatory compliance services with a mission to be our clients’ long-term, trusted security, risk management, and compliance advisers. Our handpicked team ensures every customer confidentiality, integrity, and availability through world-class, enterprise-wide information security services and solutions that are scalable, repeatable, and affordable. Our experience further establishes us as an authoritative resource for PCI DSS, HITRUST, HIPAA/HITECH, NIST, SOC2, and ISO, as well as other standards, frameworks, and regulations.
In working with Drummond, you will participate in transforming challenging technical issues into logical business objectives. In a world of technological change, Drummond helps you to take control.
Drummond Group is an Equal Opportunity Employer. This company does not and will not discriminate in employment and personnel practices on the basis of race, sex, age, disability, religion, national origin or any other basis prohibited by applicable law. Hiring, transferring and promotion practices are performed without regard to the above listed items