Information Security Compliance Analyst
Duties and Responsibilities
- Assist in the development and implementation of information security policies, standards, guidelines and procedures
- Conduct periodic evaluations of internal control systems, document the results, make recommendations to remediate the identified risks, and monitor strategies to remedy information security control deficiencies
- Conduct information security education, training and awareness activities for general users such as new hire orientation, annual training, and creation of security reminders/advisories.
- Initiate changes in policies and procedures due to new or revised regulations
- Maintain regulatory evidence including policies, standard training, and compliance monitoring
- Apply defense-in-depth methodology when assessing the effectiveness of controls, including deployment of compensating controls
- Manage information asset inventories
- Facilitate control testing in the form of vulnerability assessments, risk assessments, penetration testing, and social engineering testing.
- Develop key performance metrics to track and ensure compliance with established policies and standards.
- Stay current with the latest cyber security threat landscape and notify IT teams of applicability to the Company’s systems.
- Other duties and responsibilities that may be assigned.
Qualifications
- Bachelor’s Degree in IT, Management Information Systems, or related field preferred
- Minimum of 4 years of experience in an IT audit, risk management, or compliance role, or in the information security policy authoring process
- Knowledgeable in various compliance frameworks and regulations (DPA, GDPR, PCI, NIST, ISO 27001, SOC 1/2, as well as audit management)
- Highly self-motivated and directed professional with keen attention to detail
- A high degree of organizational, analytical and critical-thinking skills
- Ability to influence across all levels of the organization
- Experience in penetration testing and in vulnerability scan analysis and remediation
- Excellent interpersonal communication & presentation skills.
- Must have the ability to work as a team member and independently.
- Strong project management skills
Interested applicants may send their applications to firstname.lastname@example.org