Dublin, Ohio
Job Type: FT
Rate: DOE
Security and Compliance Analyst Job Opening in Dublin, Ohio - Security and Compliance Analyst the security and compliance analyst reports directly to the security officer and will be responsible for day to day activities in implementing the corporate information security and compliance program. the individual will also assist in maintaining audit and compliance initiatives to ensure that corporate policies, standards, procedures, and audit activities are in alignment with business, it, and regulatory requirements. success in the role will be measured by the effectiveness of the implementation of information security and compliance directives. the overall purpose of this role is to drive both information security and compliance initiatives. the individual will perform internal and external security compliance monitoring activities, managing client audits, it control audits, and security risk assessments. this role will assist in the management of key compliances such as nist, hipaa, fedramp, pci, iso27001, hitrust, and internal policies and standards. if your experience fits the requirements listed, please submit your resume to essential duties and responsibilities: ? develop and maintain vendor and client relationships ? oversee information security compliance standards, including daily, weekly, quarterly and/or annual security risk assessments ? establish and maintain security controls policies and procedures in accordance with federal regulations ? assist in response to regulatory security assessments and questionnaires ? assist with development and execution of a company-wide disaster recovery and business continuity plan ? research new security compliance requirements and assist in the evaluation of compliance control requirements. ? perform internal compliance assessments, monitoring activities, audits, and control testing ? report security control related metrics and effectiveness ? manage client audits and track corrective actions to completion. ? perform both internal and service provider risk assessments. ? evaluating, designing, testing, and recommending new or improved controls to keep the client current with industry standards and compliance requirements. ? interact with leadership regarding information security risks, controls, and audit requirements. ? managing corrective action logs and ensuring issues are assigned priority and closed out in a timely manner ? collaborate with organizational teams to design and deliver training initiatives that promote the development of staff as it relates to available technology ? educating product owners and development teams on data security requirements ? any other duties that may be required as assigned experience: ? experience participating in regulatory security audits; hipaa or hitrust preferred ? experience conducting needs assessments and identifying/implementing appropriate solutions ? 3 years information security and compliance experience across a wide base of disciplines including: ? metric reporting ? project management ? customer support and account management ? audit management and internal audit standards ? process control design and testing methods ? risk assessment tools ? business continuity and disaster recovery methodologies ? governance frameworks including nist, iso27000, fedramp, pci, and hitrust ? strong personality ability and credibility to influence leadership, key decision-makers, and highly technical resources ? strong subject matter credibility must have knowledge and ability to take a practical/business-relevant approach to security and compliance, resulting in a practical yet compliant security program ? ability to make security and compliance real and practical within the business, including investment of necessary time and energy in training and policy/procedures non-technical ? experience working in an agile environment is preferred ? ability to directly work with peer groups, customers and suppliers to understand needs and requirements ? good verbal and written communications ? team player and collaborative ? ability to work well with team members to achieve the desired results ? driven and self-motivated to learn new technologies and achieve objectives ? ability to work independently ? ability to multi-task ? good organization skills ? excited, interested and engaged in the area of security and compliance and our business ? demonstrate ability to take initiative and accountability for achieving results ? strong oral and written communication skills ? works effectively as part of a team ? customer-driven to understand and appropriately respond to customers' business needs ? self-directed ? up to 25% travel education and certifications ? bs in computer science or equivalent experience ? (isc)2 - cissp, csslp, issap, issep, hcispp ? cisa ? certified information systems auditor
|
