Security Analyst III (Risk & Compliance - SOX)

Duluth, GA | Contract To Hire

Post Date: 08/31/2017 | Job ID: 46887 | Industry: Security Engineer

Security Analyst III (Risk & Compliance - IT SOX expert)

Job Description, Required Skills, Education, Experience:

This role supports our Client’s IT Governance Risk & Compliance (GRC) program, which includes risk management, compliance management, assessments, and security awareness. This position is specifically responsible for preparing and analyzing business requests, monitoring in-scope systems, compliance operations, troubleshooting problems, identifying issues, creating risk mitigation/treatment plans and advising users of fixes. This role partners with the business users, acting as an advisor and subject matter expert for matters pertaining to control descriptions, operations and enhancement of their designated controls framework. Ensures the user community is properly trained on controls execution and follows up periodically with Internal Audit. Under general direction, ensures the IT Security Control Framework is in compliance with SOX and industry standard operating procedures. Collaborates with internal teams, IT management, Internal Audit and other stakeholders to ensure the IT compliance program and associated deliverables are met.

Responsibilities to include:
  • Serving as a key resource in managing risks & controls
  • Maintaining all required documentation
  • Working with multiple business users to complete Security & Privacy Assessments for projects
  • Working with end users to design and implement new business processes for controls that are related to the functional area supported
  • Communicating portfolio and project status with IT and business sponsors
  • Creating or modifying documentation and workflows
  • Maintaining the security exception and findings management processes
  • Maintaining security program metrics and reporting
  • Assisting with both internal and external compliance audits
  • Assisting with Change Management and Project Management Policies, Guidelines and Procedures
  • Assisting with the Training & Awareness Program
  • Other duties as assigned

Preferred Skills, Education, Experience:
  • Bachelor’s degree (e.g., Information Security, Information Protection, Computer Information Systems, Computer Science, Computer Engineering, Information Systems Management) or equivalent educational or professional experience and/or qualifications
  • 8+ years of experience in Sarbanes-Oxley (SOX 404 Compliance)/COBIT/COSO compliance, IT security, and IT audit/risk management
  • Industry certification (e.g., CISA, CRISC)
  • Solid understanding and working knowledge of US and EU privacy laws, data protection/security regulations, and frameworks, such as NIST, COBIT, PCI DSS and ISO27001/2
  • Working knowledge of GRC tool(s) (ServiceNow preferred)
  • Working knowledge of classic compliance techniques
  • Working knowledge of Support Desk/Incident Management systems
  • Knowledge of SIEM tools, Incident Response and Forensics
  • Experience with SharePoint
  • Familiarity with the equipment manufacturing process (e.g., agricultural, automotive, construction, etc.)
  • The ability to make quick decisions and think outside the box when working with complex situations
  • Strong communication, interpersonal skills, and the ability to establish strong working relationships at all levels
  • Demonstrates a high level of flexibility