JAS Worldwide
Overview
Join to apply for the
IT Security Manager/Specialist
role at
JAS Worldwide . JAS is an international, non-asset-based supply chain services and solutions company. Our services include air and ocean freight forwarding, contract logistics, customs brokerage, distribution, inbound logistics, truckload brokerage and other supply chain management services, including consulting, the coordination of purchase orders and customized management services. An Information Technology Governance, Risk, and Compliance (IT Security Manager/Specialist) Specialist is a vital member of an organization’s risk management and information security teams. This professional is responsible for designing, implementing, and maintaining frameworks and processes that ensure the organization’s technology operations comply with regulatory requirements, industry standards, and internal policies. The IT Manager/Specialist helps protect digital assets, reduce risks, and promote continuous improvement in governance and compliance efforts. Key Responsibilities
Develop, update, and enforce IT governance frameworks, policies, and standards based on industry best practices and regulatory requirements. Collaborate with senior leadership and technical teams to align IT initiatives with organizational objectives and risk appetite. Monitor and assess the effectiveness of governance structures, recommending improvements as needed. Facilitate the deployment of governance tools and technologies to automate and streamline compliance and risk processes. Educate staff across the organization on governance principles, compliance requirements, and their roles in upholding standards. Risk Management
Identify, assess, and document IT-related risks, including threats to data, systems, and infrastructure. Develop risk management strategies and controls to mitigate identified risks within acceptable levels. Perform regular risk assessments, vulnerability scans, and risk treatment plans for existing and new technologies. Establish and maintain risk registers, reporting on trends, metrics, and risk levels to leadership and stakeholders. Partner with IT and business units to ensure risk awareness and the implementation of effective controls. Compliance
Interpret, communicate, and ensure adherence to relevant governmental regulations (such as GDPR, HIPAA, SOX, PCI DSS) and industry standards (ISO 27001, NIST, CMMC, etc.). Conduct compliance assessments, gap analyses, and internal audits to evaluate the organization’s compliance posture. Coordinate with external auditors and regulatory bodies during inspections, audits, or assessments. Document and track remediation efforts for compliance deficiencies or audit findings. Develop and deliver compliance training programs for employees at all levels. Policy and Procedure Development
Draft, review, and update IT policies, standards, and procedures to reflect regulatory changes, technological advancements, and organizational needs. Maintain a policy lifecycle management process, ensuring timely reviews and updates. Ensure clear communication and accessibility of policies to all relevant stakeholders. Incident Response and Management
Participate in the development, implementation, and ongoing improvement of incident response plans and business continuity strategies. Support investigations into IT security incidents, breaches, or policy violations, document findings, and recommend corrective actions. Collaborate with cross-functional teams to test and refine response procedures through tabletop exercises and simulations. Reporting and Communication
Prepare regular and ad hoc reports for leadership, auditors, and regulators on risk, compliance, and governance matters. Maintain clear and concise documentation of all GRC activities, decisions, and outcomes. Promote a culture of transparency, ethical conduct, and continuous improvement in IT governance and compliance. The JAS Forwarding Operations Compliance department operates 24/7/365. This position may require evening, weekend, and holiday hours. Physical requirements: while performing the duties of this job, employees may sit, stand, walk, use hands, and reach with arms. Reasonable accommodations may be made for individuals with disabilities. Additional
The responsibilities associated with this job will change from time to time in accordance with the Company’s business needs. The incumbent may be required to perform additional and/or different responsibilities from those set forth above. The above declarations are not intended to be an all-inclusive list of duties and responsibilities. They describe the general nature of the job. JAS is an Equal Opportunity Employer. Notice to Applicants: JAS USA is a customs broker regulated by federal law. A background check will be performed. People with felony convictions may not be hired or may be terminated if required by law or policy. Job Details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology Industries: Transportation, Logistics, Supply Chain and Storage
#J-18808-Ljbffr
Join to apply for the
IT Security Manager/Specialist
role at
JAS Worldwide . JAS is an international, non-asset-based supply chain services and solutions company. Our services include air and ocean freight forwarding, contract logistics, customs brokerage, distribution, inbound logistics, truckload brokerage and other supply chain management services, including consulting, the coordination of purchase orders and customized management services. An Information Technology Governance, Risk, and Compliance (IT Security Manager/Specialist) Specialist is a vital member of an organization’s risk management and information security teams. This professional is responsible for designing, implementing, and maintaining frameworks and processes that ensure the organization’s technology operations comply with regulatory requirements, industry standards, and internal policies. The IT Manager/Specialist helps protect digital assets, reduce risks, and promote continuous improvement in governance and compliance efforts. Key Responsibilities
Develop, update, and enforce IT governance frameworks, policies, and standards based on industry best practices and regulatory requirements. Collaborate with senior leadership and technical teams to align IT initiatives with organizational objectives and risk appetite. Monitor and assess the effectiveness of governance structures, recommending improvements as needed. Facilitate the deployment of governance tools and technologies to automate and streamline compliance and risk processes. Educate staff across the organization on governance principles, compliance requirements, and their roles in upholding standards. Risk Management
Identify, assess, and document IT-related risks, including threats to data, systems, and infrastructure. Develop risk management strategies and controls to mitigate identified risks within acceptable levels. Perform regular risk assessments, vulnerability scans, and risk treatment plans for existing and new technologies. Establish and maintain risk registers, reporting on trends, metrics, and risk levels to leadership and stakeholders. Partner with IT and business units to ensure risk awareness and the implementation of effective controls. Compliance
Interpret, communicate, and ensure adherence to relevant governmental regulations (such as GDPR, HIPAA, SOX, PCI DSS) and industry standards (ISO 27001, NIST, CMMC, etc.). Conduct compliance assessments, gap analyses, and internal audits to evaluate the organization’s compliance posture. Coordinate with external auditors and regulatory bodies during inspections, audits, or assessments. Document and track remediation efforts for compliance deficiencies or audit findings. Develop and deliver compliance training programs for employees at all levels. Policy and Procedure Development
Draft, review, and update IT policies, standards, and procedures to reflect regulatory changes, technological advancements, and organizational needs. Maintain a policy lifecycle management process, ensuring timely reviews and updates. Ensure clear communication and accessibility of policies to all relevant stakeholders. Incident Response and Management
Participate in the development, implementation, and ongoing improvement of incident response plans and business continuity strategies. Support investigations into IT security incidents, breaches, or policy violations, document findings, and recommend corrective actions. Collaborate with cross-functional teams to test and refine response procedures through tabletop exercises and simulations. Reporting and Communication
Prepare regular and ad hoc reports for leadership, auditors, and regulators on risk, compliance, and governance matters. Maintain clear and concise documentation of all GRC activities, decisions, and outcomes. Promote a culture of transparency, ethical conduct, and continuous improvement in IT governance and compliance. The JAS Forwarding Operations Compliance department operates 24/7/365. This position may require evening, weekend, and holiday hours. Physical requirements: while performing the duties of this job, employees may sit, stand, walk, use hands, and reach with arms. Reasonable accommodations may be made for individuals with disabilities. Additional
The responsibilities associated with this job will change from time to time in accordance with the Company’s business needs. The incumbent may be required to perform additional and/or different responsibilities from those set forth above. The above declarations are not intended to be an all-inclusive list of duties and responsibilities. They describe the general nature of the job. JAS is an Equal Opportunity Employer. Notice to Applicants: JAS USA is a customs broker regulated by federal law. A background check will be performed. People with felony convictions may not be hired or may be terminated if required by law or policy. Job Details
Seniority level: Mid-Senior level Employment type: Full-time Job function: Information Technology Industries: Transportation, Logistics, Supply Chain and Storage
#J-18808-Ljbffr