• Lead and support internal and external audits, including preparation, documentation, and implementation of necessary changes to meet compliance standards such as ISO 27001 and SOC Type II.
• Develop, maintain, and refine comprehensive documentation for IT security processes, policies, and procedures. Ensure that all documentation is up-to-date, accurate, and accessible for audit and compliance purposes.
• Manage and enhance data privacy, protection, and usability protocols, ensuring that privacy solutions are compliant and perform at the highest standards.
• Collaborate with users and stakeholders to define system requirements and oversee modifications to both new and existing software and systems, ensuring alignment with compliance requirements.
• Execute and complete security assessments within strict timelines, documenting findings, outcomes, and recommendations for improvement.
• Design, setup, and administer Windows and Linux server environments, including regular upgrades and patching, with a focus on maintaining a secure and compliant infrastructure.
• Regularly communicate program progress, issues, and analysis to key stakeholders. Produce detailed reports that include assessment findings, security vulnerabilities, and proposals for enhancing system security.

Required Qualifications

• 5+ years of experience as a system/network administrator with a focus on IT security and compliance.
• Extensive knowledge and hands-on experience in managing Windows/Linux environments, including expertise with threat and vulnerability management tools like Tenable Nessus.
• Strong understanding of ISO 27001, SOC Type II, and other relevant compliance frameworks.
• Exceptional ability to document technical processes, audit trails, and compliance-related activities in a clear and organized manner.
• Excellent verbal and written communication skills, particularly in translating technical information into audit-compliant documentation.
• Strong analytical skills and the ability to work under pressure to meet tight deadlines.

Preferred Qualifications

• Familiarity with cloud-based security and compliance solutions is preferred.
• Security Certifications: CompTIA Security+, SSCP (Systems Security Certified Practitioner) preferred.

NA