19 Nov
IT Security Risk and Compliance Analyst Ref #30
Indiana, Merrillville , 46410 Merrillville USA

Vacancy expired!

Job Title: IT Security Risk and Compliance Analyst – Ref #30Blue Star Partners is currently looking for an IT Security Risk Compliance and Analyst for a 12 month contract position. We are looking for resources in the Columbus, OH or Merrillville, IN (Chicagoland) areas.

Key Job Details

  • Role: IT Security Risk Compliance and Analyst

  • Experience Level: Intermediate: 3 to 7 years

  • Work Location: Remote to Start, but candidates should be local to Columbus, OH or Merrillville, IN

  • Effective Date: Immediate Need / December start

  • Anticipated Duration: 12 months

  • Contractor Rate: $53/hour

  • Contract to Hire: TBD, possible but not required

  • Travel: None initially due to COVID-19; then infrequent: 0-25%

  • IT Tower: IT Security

Job SummaryThe Compliance Risk Analyst helps assess and manage IT risks and compliance tasks for all NiSource business units and control networks. This role works closely with the Director of Governance Risk and Compliance and Manager IT Risk and Manager IT Compliance to ensure that risk is being managed, critical resources are being kept compliant, and violations found are acted upon to resolution. This role also works closely with the Service Providers Compliance management teams to track and monitor the overall progress of IT risks and compliance issues and their remediations. The Compliance Risk Analyst also works directly with customers, IT Service Delivery, IT Operations, IT Support Services and service providers to ensure issues are communicated and resolved in a timely fashion.

ResponsibilitiesA Compliance Risk Analyst will: Work with Process Owners and subject matter experts to incorporate the performance of SOX/NIST testing procedures in meeting the requirements of the business process being tested. Prepare test plans for IT SOX controls in compliance with quarterly IT SOX/NIST requirements, and including the gathering of supporting documentation. Perform quarterly testing within the timeline. Maintain properly documented testing evidence and results within IT SOX Compliance site and perform quarterly upload to SOX Compliance database. Identify potential control deficiencies while working with support teams and process owner to uncover root cause and request implementation plans to alleviate weaknesses exhibited within the process. Maintain current knowledge regarding changes to processes that could affect the IT SOX/NIST Control Universe. Assist with the identification, assessment, and management of IT Risk. Assist with regular reviews and management of all IT Policy and Standards for service providers and business units. Work closely with IT Service Delivery, IT Support Services, and business unit professionals, project managers and Service Providers to perform and/or support risk management processes. Drive resolution of identified risk , reviewing, analyzing and reporting on current risk status as directed by the Director of IT GRC. Prepare for and help facilitate regular risk review meetings with the Service Provider and prepare results and status information for NiSource IT and business leaders, as requested Resolve or escalate issues related to risk management in a timely manner Work closely with the IT Support Services to resolve Service Provider related issues and to help ensure accurate reporting of risk. Review monthly/annual forecast of expenses for the IT Budget, and analyzes and report variances to budget. Facilitate audits of processes related to risk management. Maintain a solid understanding of the Service Providers’ operational and service delivery capabilities and processes Maintain a solid understanding of the scope of the Service contracts as reflected by service levels, statement of work and pertinent schedules/exhibit

Required Education Requires a 4 year degree in information systems preferred or business administration or process management along with work experience

Required Experience 0-3 years of experience in Sarbanes Oxley audits, Information systems audits, and IT Operations Knowledge of IT Infrastructure components, trends and best practices. Excellent analytical abilities, including process analysis and development, problem solving and root cause analysis Knowledge of COSO. COBIT, and\or NIST 800-53 control framework/controls Experience working closely with service providers and delegating operational activities to them, as directed by a director or manager Knowledge of IT infrastructure components, trends and best practices Solid skills with computers, operating systems and software (MS Office Suite, MS Project, Excel and other IT applications) and ability to learn new technical concepts quickly Excellent analytical abilities, including process analysis and development, problem solving and root cause analysis Strong teaming skills, collaboration, negotiation, communication, organizational, people management and conflict resolution skills

For consideration, please submit your resume through this website only.

NOTE: Remote working environment available during COVID-19 Stay-at-Home orders.

Vacancy expired!

Subscribe for new vacancies

Related jobs

»Security Operations Center Dispatcher (Altria)
2020-11-18
Report job