Governance, Risk, & Compliance Analyst
WICHITA-67201, KS, US
09/10/2018
Required Skills
interpersonal and presentation skills
Company
Infinity Consulting Solutions, Inc
Experience
7 to 9 Year(s)
Job Description
RESPONSIBILITIES AND ACCOUNTABILITIES:
· Monitor and report on compliance with security policies, as well as the enforcement of policies across the enterprise.
· Provide support and guidance for legal and regulatory compliance efforts, including audit-related support as needed.
· Conduct third-party audits as required in order to maintain certifications and compliance certificates.
· Review risks, threats, vulnerabilities and oversee the development of corrective action plans in partnership with management, IT personnel, and other relevant groups.
· Deploy, manage, and maintain a formal information security risk register and the corresponding or associated software.
· Direct risk evaluation and compliance management processes as assigned.
· Follow up on deficiencies identified in reviews, self-assessments, automated assessments, and audits to ensure appropriate remediation plans have been developed and corrective measures have been taken and documented.
· Lead efforts in regulatory compliance and industry best practice standards with PCI DSS, SoX, HIPAA, ISO 27001/27002, NIST, etc.
· Consult on other types of security (e.g., security architecture, secure development lifecycle, physical security issues) as needed.
· Manage the development and implementation of information security policies, procedures, and guidelines.
· Provide guidance and support to management on all policy and standards issues related to information security.
· Ensure employees and third parties understand and fulfill applicable information security policies and standard requirements.
· Develop and conduct information security training and awareness activities.
· Perform other duties as assigned.
SKILLS AND REQUIREMENTS:
· 7+ years of experience in information security governance, risk, and compliance program management.
· Bachelor's degree in Computer Science or Information Systems from an accredited college or university, or equivalent in a related discipline.
· Proven track record in delivering results in a fast-paced and highly complex organization.
· Ability to understand and apply knowledge of information systems security concepts (e.g., secure architectures, secure electronic data communications, network security, and protection of sensitive data).
· Must be knowledgeable about ISO/IEC 27000 series standards, SoX, PCI requirements, and other regulatory compliance requirements, and have experience working in these environments.
· Prior policy development and enforcement experience in a regulated environment.
· Prior experience with information security risk management program development and implementation.
· Ability to relate business requirements and risks to policy and technology implementation.
· Knowledge of risk assessment and remediation procedures.
· Ability to work well with other members of the team, peers, and senior management.
· Strong communication, interpersonal and presentation skills.
DESIRED QUALIFICATIONS:
· Experience with ISMS Performance Metrics & Reporting.
· An advanced degree or security industry relevant certifications preferred.
Compliance Analyst
Compliance & regulatory
No Preference
FullTime Job
Other
1
Candidate Requirements
-
Bachelors
Recruiter Details
Doug Klares
1350 Broadway, Suite 2205,
NEW YORK-10018, NY,
US