Description Regular attendance to your work location on the Columbus campus is a requirement of this role. Proactively works with partners and suppliers to achieve objectives on time and within budget. Takes appropriate actions, when necessary, with partners/suppliers to build enterprise class solutions, respond to issues/threats, and/or communicate to stakeholders all utilizing efficient and effective tools and techniques to mature enterprise information security Program Development: Design, implement, and maintain an effective information security risk management program to identify, assess, and mitigate security risks Risk Assessment: Conduct comprehensive risk assessments to identify potential vulnerabilities and threats to the organization's information assets Policy and Procedure Development: Develop and enforce information security policies, standards, and procedures that align with industry best practices and regulatory requirements. Risk Mitigation: Collaborate with cross-functional teams to develop and implement risk mitigation strategies and ensure security controls are effectively integrated into business processes. Monitoring and Reporting: Continuously monitor the effectiveness of the risk management program and provide regular reports to senior management on the status of security risks and mitigation efforts. Compliance: Ensure compliance with relevant regulations, standards, and frameworks and support external audits and assessments Respond to comprehensive enterprise customer security questionnaires Risk Register Maintenance: Maintain and update the organization's risk register, documenting identified risks, assessment results, and mitigation measures. Assisting system administrators with implementation of processes to achieve security standards and best practices to harden security posture Following established IT policies and procedures to ensure compliance of all assets within security's remit Following industry and company best practices Collaborate in implementation of security controls aligned to the Enterprise Information Security strategy Actively engages in the greater information security and privacy community (e.g. peer groups, seminars, conferences, etc.) to help identify industry advancements, new techniques and new partners. Demonstrates a positive, proactive and thought leadership attitude to CAS and the greater security community Apply previous experience and proactive research to problem solve Ability to document technical processes to ensure accuracy and sustainability of job-related processes Demonstrate cross-functional collaboration with all levels of personnel to achieve organizational and Enterprise Information Security objectives This role can be based in in our Washington, D.C. or Columbus, OH office. A reasonable rate of compensation per year is listed for each location. DC: between $122,000-165,000 OH: between $110,000-148,000 ACS currently provides the following benefits for this position: paid vacation leave, paid sick leave, paid holidays, health insurance, flexible spending account or health care savings account, dental insurance, life insurance, vision insurance, retirement benefits, short- and long-term disability, and 4-week work from anywhere; each benefit is subject to the terms of the applicable program. Additional benefits may apply based on skills, experience, and location. Any actual offer of employment, reflecting the total compensation package and benefits, will be made in the sole discretion of ACS. ACS reserves the right to amend or modify its employment benefits and compensation structure at any time. Qualifications Behaviors Detail Oriented - Capable of carrying out a given task with all details necessary to get the task done well Thought Provoking - Capable of making others think deeply on a subject Functional Expert - Considered a thought leader on a s