31 Jan
Infosec Regulatory Compliance Analyst
Vacancy expired!
- Main responsibility is to be involved in evidence collection and validation for internal/external audit
- Analysis of various regulations, cybersecurity frameworks, risk assessments, SOX, GOBA, FISC, RTSA program and control testing, etc.
- Reading's requirements, pulling them apart, interacting with technical SME to analyze requirements and conclude it belongs to a specific part of the IS domain
- Relate requirements together and challenge that evidence
- Act as a liaison to collect evidence, validate that evidence and ensure everything is accurate, and then present the evidence to the auditors/examiners
- Bachelor’s degree required preferably in CS or engineering
- 5 - 7 years of experience in IT governance, risk and/or compliance role
- Diverse technical background including experience with multiple security technologies
- Experience in banking and/or finance, familiarity with InfoSec or cybersecurity practices and methodologies
- Experience establishing governance processes, operating policies, risk and issue management processes
- Understanding of industry and regulatory cyber security frameworks and control requirements e.g. NIST, FFIEC, SOX, GLBA
- Ability to analyze and articulate implications of compliance requirements
- Excellent data gathering, analysis and reporting skills
- Strong SharePoint and Advanced Excel, preferred Project
- Skilled at communicating technical information to both technical and non-technical audiences and stakeholders at every level of the organization
- Detailed-oriented and works well in a fast-pace environment with tight deadlines and competing deliverables and priorities
- Self-starter with strong analytical and problem-solving skills
- Ability to build and maintain relationships across diverse technical and non-technical teams
- Strong verbal and writing skills, including program and executive reporting, training and education
- Security/Risk Certifications – EX: CISSP, CISA, etc.
Vacancy expired!