Key skills
Project ManagementCommunicationPresentation Skills
About this role
Role Overview
- Assist in managing a compliance program for a portfolio of internal/external audits & certifications
- Assist with the implementation and direction of compliance processes to automate and continuously monitor information security controls
- Develops reporting metrics and dashboards
- Assists control owners in defining responsibilities and control standards for regulatory and compliance goals
- Map and maintain common controls framework and control scope/applicability for a portfolio of compliance initiatives
- Provide compliance subject matter expertise and advisory services to stakeholders/control owners
- Documents and reports control failures and gaps to stakeholders
- Provide remediation guidance and prepares stakeholders' reports to track remediation activities
- Evaluate & report any security/compliance risks to track as part of the company risk register
- Consults on developing security standards, procedures, and controls to manage risks
- Gather requirements guide assigned controls within the centralized GRC tool
- Work with business unit/product level compliance teams to strengthen and align to a shared company compliance plan
- Perform operational activities related to the compliance program and escalate deviations when needed
- Perform audit services including risk and gap assessments to business units as needed
Requirements
- Bachelor's Degree in Computer Science or equivalent field of study
- 5+ years of experience working with applicable information security management, governance, and compliance principles, practices, laws, rules, and regulations
- 5+ years of experience in Information systems auditing, monitoring, controlling, and assessment process
- Proficiency in Risk assessment and direction methodology
- Proficiency in working with recognized IT Security-related standards and technologies
- Ability to function effectively within cross-functional and interdisciplinary teams
- Demonstrated project management, organizational, and facilitation skills
- Excellent communication and presentation skills
- High level of personal integrity, and ability to professionally handle confidential matters
- ISO LA, PCI QSA, CISSP, CISM, CISA, ITIL, or GIAC certifications desired
Benefits
- Great benefits and perks like larger tech companies
- Independence to make a larger impact on the company
- Ownership of work