What are the responsibilities and job description for the IT Security Compliance Analyst position at Five Rivers IT, Inc.?
IT Security Compliance Analyst
At Five Rivers IT, we build and service reliable IT infrastructures for midsized businesses. Five Rivers IT has been growing at a consistent rate of 30% a year for the last 3 years.
We are in search of a Senior IT Security Compliance Analyst to join the dynamic team of professionals providing world-class IT services to its clients in the NYC metro area. This is a great opportunity for a self-starter with a proven track record to develop, implement, and support various initiatives in the area of governance, risk and compliance.
Responsibilities:
- Lead the planning, scoping, execution and documentation of audits primarily in areas associated with technology and technology-related risks.
- Act as a liaison between Auditors and Engineering/IT by coordinating requests for information and coordinating responses to any observations.
- Maintain proactive ongoing compliance by utilizing compliance tool to perform periodic security tasks and checks.
- Research new security compliance requirements and assist in evaluating compliance control requirements.
- Support and monitor remediation efforts of audit findings and validate the closure by reviewing relevant evidence.
- Write detailed findings, remediation plans, and other supporting documentation
- Provide actionable, technical advice to engineers to enhance security control design & effectiveness (including for cloud environments)
- Develop a close partnership with engineering control owners to educate them on compliance requirements and develop risk-appropriate control implementation solutions.
- Responsible for Incident Management, be readily available for: Incident documentation, ensure risk analysis and severity, manage containment, lead investigation, ensure proper notification protocol, conduct & document lessons learnt, Report on findings to then communicate them to the client.
- Bachelor's in Computer Science, Computer Engineering, Information Systems or related field or equivalent work experience
- 5 years of experience managing Information Security audits (e.g., SOC 2, ISO 27001, PCI DSS, HIPAA)
- Experience implementing security techniques, practices, and controls that can be applied to address risks
- Experience operating as part of an Information security program in alignment with common information technology management frameworks such as ISO 27001, NIST, CIS, ITIL, COBIT, etc.
- Strong written and verbal communication skills
- Strong program management skills
- Experience working closely with auditors and/or external regulators
- Experience managing security tools
Experience with Audit Management tools
Security certification
Prior experience leading or managing security audits at a SaaS/Cloud company or as a Security Auditor at an audit firm
Systems Admin or Network Admin experience implementing security controls
Other Details about the Job
- This job requires working for multiple clients across multiple environments in a managed services setting.
- This is a Full-Time position.
- Compensation for IT Security Compliance Analyst will range from $125,000 to $175,000 based on experience, if your experience falls outside required ranges compensation may be based on other open roles.
- All standard benefits are included such as medical/dental/vision insurance and vacation time.
- We encourage and reward professional certifications.
Please send your resume with the expected salary. Applications lacking expected salary will not be considered.
Salary : $125,000 - $175,000