Recruiting the Talent. Staffing the Culture. Call Us: 847-945-7600

Information Security Compliance Analyst

Location : Downtown Loop
Job Type : Direct
Hours : Full Time
Required Years of Experience : 4+ years
Required Education : Bachelor's Degree Required
Travel : No
Relocation : No

Job Description :

Information Security Compliance Engineer 


 


Description: The Senior Information Security Compliance Analyst (SISCA) will be responsible for monitoring, managing and closing existing compliance issues while also ensuring that internal systems are compliant with security standards. In carrying out these functions, the SISCA's responsibilities include the identification, evaluation and interpretation of regulatory, statutory and member security requirements, control deficiencies and information security risks.




Duties/Responsibilities:



  • Analyze management and technical controls to ensure that specific security and compliance requirements are met through the verification of documented processes, procedures and standards in order to validate maintenance of secure configurations.

  • Map company requirements and regulatory requirements across the information security framework to identify overlapping requirements and compliance efficiencies.

  • Track enterprise compliance across multiple security frameworks including SOC 2, NIST and FISMA and maintain up-to-date records of requirements and corresponding mitigating controls.

  • Monitor third-party risk assessments and assist in performing internal risk assessments.

  • Collaborate on critical IT projects to ensure that security policy/risk issues are addressed throughout the project life cycle.

  • Monitor company's change management process to ensure compliance.

  • Develop key performance metrics to track and ensure compliance with established policies and standards.

  • Support development of security processes and procedures and support service-level agreements to ensure that security controls are managed and maintained.

  • Participate in the development of security and privacy awareness training in conjunction with other members of the Security Compliance group.


Required Qualifications :


Requirements:



  • Bachelor's degree in business, with IT audit or compliance experience, or computer science, with business and IT audit or compliance experience desired

  • Knowledge and understanding of FISMA, NIST and SOC-2 information security standards

  • Working knowledge of common IT security-related regulations and/or standards such as Sarbanes-Oxley and ISO highly desired  

  • Minimum five years' experience conducting security control assessments or audits

  • Minimum two years' experience developing or managing a security awareness program

  • SOC-2 audit experience from a major professional services firm highly desired

  • At least one industry certification (e.g. CISA, CISM, CRISC, CISSP, ISSAP) highly desired

  • Strong oral and written communication skills

  • Ability to maintain security documentation and manuals

  • Must have strong analytical and critical-thinking skills

  • High level of attention to detail; a self-starter with the ability to work independently, multitask and adjust to shifting priorities



 
