Information Security Officer - Administrator (ISA)
Be responsible for providing security and risk management related support services.Specific Duties
- Provide assistance to the information security function relative to using the computer's security facilities.
- Provide supervision to any technical and administrative personnel assigned to the computer security function.
- Assist in the acquisition of security software and equipment.
- Assist the information security function (if requested to do so) in developing and maintaining the security and risk management program, including a risk analysis process.
- Assist in identifying vulnerabilities and the appropriate solutions to eliminate or minimize their potential effects.
- Assist in developing and maintaining the access control rules within the security software that provides controlled access in accordance with owner defined information access requirements.
- Serve as a member of software review committee to evaluate new software and hardware systems.
- Provide periodic reporting on information security issues.
- Investigate any actual or potential information security violations. Follow up investigations with written reports.
- Assist management with training employees about information security issues.
- Train any designated individuals to act as an ISA alternate, in case of emergency or absence.
- Assist in ensuring that departments have fulfilled their security responsibilities.
- Review new systems designs and major modifications for security implications prior to implementation.
- Provide liaison with the Security function.
- Consult on planned physical facilities changes, and alterations in work flow or operating procedures to evaluate the effect of such changes on security and safety.