Information Security Officer (ISO) - Rancho Cordova, CA - Contractor

This job is no longer active. View similar jobs.

POST DATE 8/18/2016
END DATE 11/16/2016

SGS North America Rancho Cordova, CA

Rancho Cordova, CA
AJE Ref #
Job Classification
Full Time
Job Type
Company Ref #
Mid-Career (2 - 15 years)
Bachelors Degree




SGS Automotive Services N.A., a division of SGS Group based in Geneva Switzerland, provides commercial and statutory automotive related services to our clients in the US, Canada, and Mexico. SGS Automotive is a vehicle inspection company for the study, development and application of technologies for motor vehicle testing, diagnostics, repair, technician training, and information management. Coupled with developing and managing Inspection and Maintenance programs, SGS also provides a wide range of commercial automotive industry inspection services such as New Car, Off-Lease, certified pre-owned, auction, B2B online, and dealer testing, inspection, and certification services.


Reporting to the California Program Manager, the Information Security Officer role will be responsible for assisting in the establishment, development, design, recommendation and implementation of a security framework that encompasses Linux/Oracle distributed systems hosting and monitoring applications using web services and web applications for current and new systems. This position also works with multiple teams in the organization spread across Systems Development, Quality Assurance, Operations, Office of Compliance, Project Management Office, Vendors, internal ISO, and external State of California ISO contacts to coordinate and/or lead security architecture activities across the enterprise. This Information Security Officer position will be primarily an administrative role with a concentration on information security planning, documentation generation, compliance management and remediation planning toward the goal of information security compliance to the State of California s SAM-5300 guidelines and associated NIST moderate level security controls.


California Program Manager


* For the Project, provide procedural and administrative expertise in information security and compliance topics.

* For the Project, demonstrate continuous improvement in the topics of information security and compliance using a measurable matrix tied to the State of California s SAM-5300 security guidelines and NIST moderate level security controls.

* For information security and compliance topics, educate and coordinate projects and actions with all groups within the SGS Testcom Rancho Cordova office.

* Assist the IT Operations Manager and Senior Technical Project Manager with information security and compliance topics as needed.

* Oversees and participates in the creation of Documentation related to information security and compliance management.

* Work closely with an Information Security Engineer who will be performing technical information security tasks including setup and upgrade security devices, software, and complete subsystems.

* Lead the effort to run an ongoing security program in a world-class fashion.

* Coordinate with the Project Management office to meet all scheduled milestones and provide required deliverables to internal and external customers.


* Bachelor's Degree (B.A. or B.S.) or higher in Computer Science, Engineering, a related field or equivalent experience;

* Multiple years of experience with Intrusion Detection and/or prevention systems;

* At least five or more years of experience as a member of a security or compliance team or as a security consultant;

* Experience working with Executive Management Teams;

* Excellent written and verbal communication;

* Demonstrated background assisting companies using continuous improvement techniques;

* Experience interacting with InfoSec Engineers and other Information Security Officer s (ISO s).

* Experience with compliance audits and resulting remediation planning and implementation.

* Familiar with a large variety of the information security field's concepts, practices, and procedures.


* CISSP, CCNA and/or GIAC certifications.

* Security and/or management certifications related to the handling of information security topics.


* Strong leadership, project management skills, time management, and problem solving skills.

* Proficient level ability using general office tools including but not limited to Microsoft Windows based workstations, Microsoft Office suite of applications including Microsoft Project, and general Web based software tools

* Ability to excel in idea generation, evaluation, and prioritization, customer and partner engagement.

* Experience solving complex and large-scare hardware/software problems.

* Ability to adapt to a changing environment and make timely decisions.

* Proficient knowledge of security topics as they relate to IT systems.

* An entrepreneurial spirit.

* Time management skills.

* Ability to work with technical and non-technical business owners to get things done.

* Excellent written and oral communication.


* Demonstrates strong commitment to SGS HSE Policies, Procedures, and Work Instructions by participating in safety meetings, completing required training, intervening in unsafe situations, refusing unsafe work, and complying fully with all applicable laws and regulations related to HSE.

* Reports all incidents (actual incidents and near misses) in accordance with the SGS Incident Reporting requirements.

* Actively participates in incident investigations and risk assessments as deemed necessary by SGS management.


* Valid driver s license.

* Ability and willingness to travel, sometimes at short notice

* Travel 10-20% of time depending on project locations.

* Reliable transportation.

* Arrives promptly to work

* Arrives promptly and prepared at scheduled meetings.

* Available 24/7/365 on a periodic basis, if needed, to assist with Project deliverables being met.

* This is a contract position expected to start in October 2016. The duration of the contract is expected to last about a year.