Lead Information Security Compliance Analyst

Lead Information Security Compliance Analyst

What you'll do…

JOB SUMMARY 
 
Advantage Tech is seeking a highly motivated Lead Information Security Compliance Analyst to join our client's Information Security Governance, Risk, & Compliance (GRC) Team. The position will serve as the primary point of contact for information security compliance efforts as well as audit preparation and response. The ideal candidate will be a self-motivated people leader as well possess a passion for details and a thorough understanding of United States local, state, and federal regulations as they relate to information security in the tax/finance industry. 

 
ESSENTIAL DUTIES AND RESPONSIBILITIES –

  • Partner with other members of GRC Team to serve as a highly professional representative to both internal and external customers.
  • Provide comprehensive risk assessments of business and technology sponsored projects and initiatives, including engagements with third parties.
  • Provide guidance regarding best practices for regulatory and legal compliance with SOX, PCI, CCPA, GDPR and others.
  • Use knowledge of information security standards and best practices to assist in the creation and maintenance of organization policies, standards, guidelines and processes.
  • Evaluate security controls for effectiveness and identify potential risks.
  • Establish and cultivate relationships by interacting with all levels of the organization to ensure activities are understood and completed appropriately.
  • Establish and cultivate relationships with both internal and external assessors
  • Establish and maintain documentation of assessments and controls.
  • Monitor and report meaningful metrics on compliance with information security policies, standards, guidelines, and processes.
  • Support, communicate, and reinforce the mission, values, philosophy, and culture of the organization.

What you'll bring to the team…

Minimum Qualifications

  • Strong SOX 404 Audit experience.
  • Effective leadership skills.
  • Good communication skills
  • Demonstrated knowledge of information security discipline.
  • Minimum of seven (8) years of experience in information technology or business analysis, with at least three (3) years in the information security field.
  • In-depth knowledge and understanding of security controls as they relate to applicable regulations and frameworks (SOX, PCI, CCPA, GDPR, STIGS, ISO, NIST, etc.).
  • Demonstrated understanding of risk and compliance assessment methodologies.

 Education:

  • Bachelor’s degree in a related field or the equivalent through a combination of education and related work experience.

 

Required Skills

  • Excellent people leader skills, with demonstrated experience leading compliance SMEs.
  • Proven ability to take initiative, work independently, and effectively organize multiple work streams.
  • Ability to build and maintain effective partnerships with internal and external customers.
  • High level of verbal and written communications skills, including translating technical details to business terms.
  • Strong analytical and problem-solving skills with the ability to think and adapt quickly.
  • Ability to learn quickly and take on new responsibilities as the team evolves.

It would be even better if you also had…

Plus Skills

  • Experience working with or for a Big 4 accounting firm.
  • Bachelor’s Degree in a relevant discipline from an accredited institution.
  • Experience performing information security reviews of third-party service providers.
  • PCI ISA Certification
  • Industry certifications such as CISA, CISSA, CISSP, CASP+, GSNA, PMP, GISP, GSTRT, GSLC, GLEG or similar.
  • Experience with ServiceNow GRC.  
  • Project/Program management knowledge and experience.
  • Experience with software development, programming or scripting languages, or security testing of applications.
  • Knowledge of network-based services, DevOps, client/server applications, mobile applications, enterprise systems and infrastructure, network architecture, or security infrastructure.

Advantage Tech is proud to be recognized as Kansas City Business Journal’s #1 locally owned IT staffing firm. We are passionate about delivering world-class service and value to our clients.  Advantage Tech’s customized recruiting model enables us to place consultants locally and nationally. Our clients want the best candidate at the most reasonable rate within a set timeframe; that’s precisely what we provide them.  We go even further.   Our consultant retention program gives our clients the added comfort our people will perform well and finish the project. 

Please visit www.advantagetech.net to learn more about our culture, benefits and career opportunities.

#advantagetech

Submit Resume