We are currently looking for a strong Information Security Analyst with a strong background in regulatory compliance and risk reduction. Applying candidates need to have a strong background in information security audit readiness efforts to prepare for upcoming compliance audits. The position will be responsible for conducting risk analysis to identify critical assets, vulnerabilities, and the adequacy of security safeguards. As well as managing internal and external auditors during required audits.
The ideal candidate will have strong experience as a security analyst directly involved in PCI, SOX, HIPAA, and other regulatory compliance requirements. Candidates will be responsible for providing consulting and guidance around proper execution of IT controls to ensure compliance and security of information assets. While making sure the design of IT controls meet compliance for PCI, SOX, HIPAA, and other regulatory compliance requirements. The chosen candidate will also be responsible for making sure the all information is protected and compliment, establishing metrics/reporting and over all management of IT policies, standards, and regulatory requirements.
Qualifications
· BS in Computer Science/Information Security or BS and relevant experience in Information Security, IT Audit, or Regulatory Compliance.
· 5+ years experience working in medium to large size companies
· 3+ years experience in IT Audit, Regulatory Compliance, or Information Technology with background in information security. (CISSP / CISA, or similar is preferred)
· Experience in direct involvement in PCI DSS auditing, control implementation & testing, and evidence documentation.
· Knowledge of security standards, procedures and policies pertaining to data access and information systems.
· Knowledge of general audit principles, security administration processes and frameworks, metrics collection and reporting.
· Demonstrated familiarity with State and Federal regulations including HIPAA, GLBA, SOX, and PCI.
