IT Security, Risk & Compliance Analyst

Discussion in 'Computer Security' started by TOM, Oct 25, 2010.

  1. TOM

    TOM Guest

    Tom Gugger
    Independent Recruiter


    This is a career position with an established profitable company. They
    are a leader in their industry and continue to grow even in this
    economy. The company is located in the greater Fort Wayne, Indiana
    area.

    If interested and qualified, email resume to . Make
    sure your resume reflects your experience with SOX, PCI, and other
    needed or highly desired skills.


    IT Security, Risk, and Compliance Analyst
    FUNCTION
    Responsible for providing IT and security governance and support for
    the entire organization, focusing on all aspects of data compliance,
    with particular emphasis on Sarbanes Oxley (SOX), PCI, and other
    industry and regulatory compliance requirements. Work closely with the
    functional business leaders, Sr. IT Director and Infrastructure
    Manager to manage the balance between business needs and corporate
    standards.
    ESSENTIAL DUTIES &RESPONSIBILITIES (Note: Other duties may be
    assigned)
    • Lead the development, implementation and maintenance of a Risk
    Assessment model.
    • Assist with the development and implementation of information
    classification and control policies and procedures.
    • Remain current with changes in the information resources security
    legislation and regulation.
    • Develop, implement and maintain an annual Risk Assessment review of
    information systems.
    • Conduct periodic reviews of information security policies,
    procedures, and compliance. Prepare reports of findings for review by
    Management.
    • Assist various business units to implement and maintain information
    resources security.
    • Conduct periodic audits of various applications and systems to
    ensure information security processes and procedures are effective.
    Develop and distribute reports that include findings and recommended
    remediation steps.
    • Assist with the investigation, documentation, and response to all
    suspected information security events.
    EDUCATION AND/OR EXPERIENCE
    • Bachelor of Science in Information Systems/MIS, computer science,
    business or related field or equivalent experience
    • 3+ years experience administering and supporting IT security, risk
    and compliance program(s)
    • Experience with Sarbanes-Oxley section 404 compliance
    implementation and monitoring required
    • Experience in developing policies, procedures, technical
    configuration standards and guidelines
    • Experience in developing and implementing compliance monitoring
    processes and procedures
    • Experience with formal project planning and risk assessment
    methodologies
    • Experience conducting risk assessments and system/application
    reviews
    • Experience preparing management reports, remediation plans, and
    related planning documents
    • Experience with Payment Card Industry Data Security Standard (PCI-
    DSS) implementation and monitoring preferred
    • CISSP or CISA certification preferred
    KNOWLEDGE, SKILLS, AND ABILITIES
    • Extensive knowledge of IT security and compliance standards and
    regulations
    • Ability to build and maintain good rapport with internal and
    external customers and handle situations with confidence, tact and
    resourcefulness
    • Strong project management skills
    • Strong written and oral communication skills
     
    TOM, Oct 25, 2010
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. GS
    Replies:
    4
    Views:
    533
  2. Miltion
    Replies:
    2
    Views:
    612
    Miltion
    Jan 6, 2006
  3. Chuckles

    Security Compliance Software

    Chuckles, Feb 23, 2004, in forum: Computer Security
    Replies:
    3
    Views:
    461
    Rowdy Yates
    Feb 24, 2004
  4. Defense Talent Network

    Network Security Analyst

    Defense Talent Network, May 24, 2005, in forum: Computer Security
    Replies:
    0
    Views:
    450
    Defense Talent Network
    May 24, 2005
  5. Lawrence D'Oliveiro

    Closed-source compliance costs

    Lawrence D'Oliveiro, Jun 9, 2007, in forum: NZ Computing
    Replies:
    4
    Views:
    325
    peterwn
    Jun 9, 2007
Loading...

Share This Page