Information Security Specialist

For more than 75 years, we have amplified products and services based rigorous research and our belief in the power of learning. Driven by our mission to advance quality and equity in education, ETS provides learning solutions, pioneering research and trusted assessments that help guide learners around the world on their path to new possibilities.

Our portfolio of trusted measures include TOEFL®, TOEIC®, GRE® and Praxis®. Along with research, development and innovation that explores new frontiers in learning and measurement our educational measurement solutions and research contribute to the development of new methods and tools, inform important dialogue with education policymakers, and shed light on critical issues and potential solutions - all with the aim of creating a world where all learners can improve their lives through education.

With new senior leadership at the helm, ETS aims to continue changing the lives of all learners as we expand our organization's global footprint. Our goal is to remain at the forefront of assessment and measurement efficacy within the education and ed tech space as it continues to grow and evolve.

Position Summary:

The IT Security Specialist directs and implements the necessary controls and procedures to cost-effectively protect information system assets from intentional or inadvertent modification, disclosure or destruction. This role provides guidance and direction for the protection of information systems assets to other functional units. The IT Security Specialist ensures that the user community understands and adheres to necessary procedures to maintain security. The incumbent assesses business needs against security concerns and articulates issues and potential risks to management. Additionally, this role provides reports to superiors regarding the effectiveness of data security and makes recommendations for the adoption of new policies and procedures.

Responsibilities:

Oversee all phases of Information Security initiatives

Define, identify and classify information assets, assess threats and vulnerabilities regarding those assets, as well as recommend appropriate information security controls and measures.

Develop, implement and monitor compliance with information security policies, standards, guidelines and procedures

Evaluate security risks and compliance with policies and standards

Design and/or configure information security controls in new systems being developed, as well as technology products/software purchased

Develop and implement security measures for information systems to prevent security breaches

Investigate and analyze causes, patterns and trends that can pose a risk to data integrity and information systems

Monitor security reports to identify and mitigate IT risk

Evaluate security risks and assume responsibility for compliance with security policies

Manage project documentation (security plans, risk assessment, corrective action plans, etc.)

Perform risk assessments and execute testing of data processing systems

Keep stakeholders informed about security-related issues and activities affecting the assigned area or project

Investigate security breaches and create actionable plans to address risks

Participate in security audits and reviews to ensure compliance to IT Security policies and procedures

Conduct data vulnerability testing and communicate findings to stakeholders

Evaluate risk-related data and identify solutions to increase data protection mechanisms and controls throughout the enterprise

Identify, develop and implement control processes

Spearhead the development and maintenance of information security policies

Lead IT Security planning sessions

Develop and facilitate the security awareness program

Maintain current knowledge on a wide range of security issues including architectures, firewalls, electronic data traffic and network access

Adhere to ethical standards and comply with the laws and regulations applicable to your job function

Education, Certifications, or Special Licenses:

Bachelor's degree with extensive coursework in Computer Science or Business, or an equivalent combination of education and experience from which comparable knowledge and abilities can be acquired is necessary.

Certified Information Systems Auditor (CISA) or Certified Information Systems Security Professional (CISSP) certification or willingness to pursue certification is desirable.

Relevant Years of Experience Required:

Minimum 10 years of information security or risk management experience.

Other Requirements (Specialized skill sets, behavioral/technical):

Prior experience with security audits

Strong knowledge of security technologies and practices

Demonstrated experience with enterprise network environments, standards and protocols

Sound knowledge of application design and development

Prior experience with systems analysis process and procedures

Software development or business analyst experience

Must be able to work in a cross-functional team environment

Ability to interface with all levels of management, as well as work closely with technical and business staff

Excellent verbal and written and public speaking communication skills

#LI-NA1

#LI-REMOTE

ETS believes in a Total Rewards philosophy for our employees, and they include:

• Health, Vision, Dental insurance plans to choose from
• Generous continuous learning support, from individual learning grants to up to 6 classes a year for tuition reimbursement as well as on-line learning access!
• Generous PTO and vacation time to balance your work and life
• Additional 8 hours of PTO for volunteer work
• Retirement plan (401(a)) and traditional Roth (403b) with company contribution
• Commuter Benefits, Pet Insurance, 1 year subscription to Calm App

ETS is mission driven and action oriented

• Diversity, equity, inclusion, and belonging is at the forefront of the ETS employee's daily work. To further foster an inclusive environment ETS is home to a wide variety of Affinity groups that celebrate the diversity of our talented employees.
• How about cultivating growth, innovation, and continuous transformation for the next generation of rising professionals as leaders? ETS offers multiple Business Resource Groups (BRG) for you!
• Are you passionate about volunteering and being active in your career and community? ETS offers our Center for Advocacy & Philanthropy (CAAP) where we encourage ETS employees to become active volunteers in their communities and schools through the ETS Cares Giving Campaign. Our employees can support any 501c3 or eligible charity of their choice.

ETS is an Equal Opportunity Employer comprised of people with different experiences, strengths, and backgrounds who share a passion for advancing quality and equity in education. We are dedicated to building teams that reflect the various backgrounds, experiences, and identities of those we serve. The Talent Acquisition team strives to ensure candidates enjoy a fair and equitable hiring process. We believe our differences empower us to be a better team, making better decisions and delivering better results.