Job description

Position Description: Trinus Corporation is seeking a skilled Information Security Risk & Compliance professional for a 12-month contract with strong potential for extension after the initial period. This position is ONSITE in Alhambra, CA 91803. Candidates must be authorized to work in the U.S. on a W2 basis. Skills: • Demonstrated expertise in governance, risk management, and cybersecurity compliance, including the development and implementation of policies, standards, and control frameworks. • Strong working knowledge of information security regulations and industry frameworks such as NIST (800-53, CSF), ISO/IEC 27001, and PCI DSS, with the ability to map controls and assess compliance. • Experience conducting risk assessments, control evaluations, and compliance audits to support enterprise-wide GRC initiatives. • Familiarity with vulnerability management, threat intelligence analysis, and security architecture design in support of risk and compliance objectives. • Understanding of encryption technologies and data protection principles as they relate to governance and regulatory obligations. • Foundational knowledge of technical environments including IT security, networking, and systems administration, with awareness of tools such as SIEM (e.g., Microsoft Sentinel), firewalls, and other endpoint/network security platforms. Experience Required: • 5 years of experience applying security policies, standards, testing, modification and implementation. At least 3 years of that experience must be in information security analysis. 3+ years of experience within each of the following: • Applying risk management principles, including conducting audits, security assessments, and interpreting industry-standard security frameworks (e.g., NIST, ISO 27001, CIS). • Conducting and supporting security operations, control assessments, audit remediation, and enterprise risk governance initiatives. • Performing information security risk assessments, evaluating control effectiveness, and analyzing risk impact for technology initiatives and third-party integrations. • Participating in incident response processes, including detection, containment, and post-incident analysis. • Managing the security of complex, multi-platform IT environments, including various operating systems, software suites, and network protocols, within a large organization. Education Required: • This classification requires possession of a bachelor’s degree in an IT-related or Engineering field. Additional qualifying experience may be substituted for the required education on a year-for-year basis. Certification (must have 1 of the following listed): • CISSP - Certified Information Systems Security Professional. • CRISC – Certified in Risk and Information Systems Control. • CISA – Certified Information Systems Auditor. • CISM - Certified Information Security Manager. Interview Process: • Interviews will be conducted in person in Alhambra, CA 91803. Work Schedule: • Work schedule is Mon - Thu 7:15 am – 6:00 pm (10 hours/day).

Requirements