IT Security, Risk & Compliance Analyst

Discussion in 'Computer Security' started by TOM, Oct 25, 2010.

  1. TOM

    TOM Guest

    Tom Gugger
    Independent Recruiter

    This is a career position with an established profitable company. They
    are a leader in their industry and continue to grow even in this
    economy. The company is located in the greater Fort Wayne, Indiana

    If interested and qualified, email resume to . Make
    sure your resume reflects your experience with SOX, PCI, and other
    needed or highly desired skills.

    IT Security, Risk, and Compliance Analyst
    Responsible for providing IT and security governance and support for
    the entire organization, focusing on all aspects of data compliance,
    with particular emphasis on Sarbanes Oxley (SOX), PCI, and other
    industry and regulatory compliance requirements. Work closely with the
    functional business leaders, Sr. IT Director and Infrastructure
    Manager to manage the balance between business needs and corporate
    • Lead the development, implementation and maintenance of a Risk
    Assessment model.
    • Assist with the development and implementation of information
    classification and control policies and procedures.
    • Remain current with changes in the information resources security
    legislation and regulation.
    • Develop, implement and maintain an annual Risk Assessment review of
    information systems.
    • Conduct periodic reviews of information security policies,
    procedures, and compliance. Prepare reports of findings for review by
    • Assist various business units to implement and maintain information
    resources security.
    • Conduct periodic audits of various applications and systems to
    ensure information security processes and procedures are effective.
    Develop and distribute reports that include findings and recommended
    remediation steps.
    • Assist with the investigation, documentation, and response to all
    suspected information security events.
    • Bachelor of Science in Information Systems/MIS, computer science,
    business or related field or equivalent experience
    • 3+ years experience administering and supporting IT security, risk
    and compliance program(s)
    • Experience with Sarbanes-Oxley section 404 compliance
    implementation and monitoring required
    • Experience in developing policies, procedures, technical
    configuration standards and guidelines
    • Experience in developing and implementing compliance monitoring
    processes and procedures
    • Experience with formal project planning and risk assessment
    • Experience conducting risk assessments and system/application
    • Experience preparing management reports, remediation plans, and
    related planning documents
    • Experience with Payment Card Industry Data Security Standard (PCI-
    DSS) implementation and monitoring preferred
    • CISSP or CISA certification preferred
    • Extensive knowledge of IT security and compliance standards and
    • Ability to build and maintain good rapport with internal and
    external customers and handle situations with confidence, tact and
    • Strong project management skills
    • Strong written and oral communication skills
    TOM, Oct 25, 2010
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.