2 Information Security Compliance Analyst Jobs near me
Stretto is Hiring an Information Security Compliance Analyst Near Dayton, OH
The role of an Information Security Compliance Analyst will be to ensure that Stretto meets the requirements of relevant regulations and keeps the current certification status for standards and certifying bodies such as PCI DSS, NIST, and SOC. The incumbent will identify control gaps; advise internal teams on how to address them; collect, organize, and review control evidence; manage and coordinate external audits, and plan compliance activities for Stretto lines of business that are subject to various standards and regulations. The role will also support third-party security assessments, promote a compliance culture within Stretto, communicate effectively, and establish positive relationships with other Stretto teams.
Essential Duties and Responsibilities:
- Plan, execute, and lead security assessments for PCI DSS, NIST, and other frameworks across the organization
- Conduct gap assessments and advise on gap closure, collect and review evidence, present evidence to assessors to make the case for compliance, and manage the overall interactions with external assessors
- Act as an advisor to IT engineering & operations teams, development teams, and business process teams to assist them in supporting compliance efforts
- Advise management on risk and control issues, and provide practical recommendations to ensure that risks are properly managed
- Monitor internal compliance with organization policies, standards, and procedures
- Communicate compliance program status with senior leaders and other stakeholders
- Analyze and evaluate other audit frameworks to determine the applicability and compliance with resource requirements
- Identify policy and process improvement opportunities, automation opportunities, develop recommendations and communicate with stakeholders collaboratively
- Perform internal reviews such as user entitlement and user offboarding to ensure compliance with regulatory requirements
- Oversee the vendor management program to ensure proper risk assessment and due diligence is completed according to regulatory requirements
- Certifications: Candidates should hold one or more of the following certifications:
- CompTIA Security
- CompTIA CySA
- AWS Cloud Security Engineer
- CISSP (Certified Information Systems Security Professional)
- CISA (Certified Information Systems Auditor)
- Experience: A minimum of 3 years of experience working in a technology compliance role with at least one of the relevant standards
- NIST 800-53
- NIST CSF
- PCI DSS
- AICPA SOC
- HIPAA
- Technical Proficiency:
- Familiarity with networking concepts such as firewalls, and access control lists (ACLs).
- Experience with Amazon Web Services (AWS)
- Experience with Governance, Risk, and Compliance (GRC) platforms
- Excellent analytical abilities, including process analysis and development, problem-solving, and root cause analysis
- Strong teaming skills, collaboration, negotiation, communication, people management, organizational, and conflict resolution skills
Stretto offers a competitive and comprehensive benefits package, along with opportunities for growth. We are an equal opportunity employer encouraging diversity in the workplace. All qualified applicants will receive consideration for employment without regard to race, national origin, gender, age, religion, disability, sexual orientation, veteran status, marital status or any other characteristics protected by law.
Job Summary
Full Time
Business Services
$64k-77k (estimate)
06/03/2024
08/03/2024
stretto.com
IRVINE, CA
200 - 500
1987
STEVE MOORE
$10M - $50M
Business Services
Related Companies
The job skills required for Information Security Compliance Analyst include Information Security, Risk Assessment, Problem Solving, Networking, Collaboration, Communicates Effectively, etc. Having related job skills and expertise will give you an advantage when applying to be an Information Security Compliance Analyst. That makes you unique and can impact how much salary you can get paid. Below are job openings related to skills required by Information Security Compliance Analyst. Select any job title you are interested in and start to search job requirements.
The following is the career advancement route for Information Security Compliance Analyst positions, which can be used as a reference in future career path planning. As an Information Security Compliance Analyst, it can be promoted into senior positions as a Systems/Application Security Analyst that are expected to handle more key tasks, people in this role will get a higher salary paid than an ordinary Information Security Compliance Analyst. You can explore the career advancement for an Information Security Compliance Analyst below and select your interested title to get hiring information.
Similar Jobs
Popular Articles
