Information Security Compliance Analyst IV
Atlanta, Georgia
Employer: ASK Staffing
Industry:
Salary: Competitive
Job type: Full-Time
Summary of This Role
The IT Risk & Compliance Analyst IV works with BTS technical resources to ensure a positive outcome to all risk, audit and assessment activities. Efforts include: identification and assessment of IT Risk, ongoing monitoring of identified issues, work with technical teams to address and mitigate IT Risk, creating controls based on industry and corporate standards, interpretation of requests, identification of technical resources, preparation of technical resources for audit participation, collection of data from technical sources, organization, cataloging and refresh of data. Often serves as a subject matter expert. Able to present to management and 3rd party auditors. Regularly works with partner teams to respond to auditor queries. Well versed in Organization's Policies and Standards and how they apply to each technology. Fluent in audit types and controls that apply to the Organization's environments. Able to identify and document IT Risks appropriately as well as able to explain risks to partner teams.
-Intake and review of identified risks
-Work with the EVO team on the determination of best way to address the risk; ongoing monitoring of the EVO team's activities
-Act as an IT Risk evangelist to drive awareness
-Works with technical teams, and directs junior team members, during audit planning and execution; actively prepares technical teams for the audit
-Collects/collates data in advance of the audit; draws data directly from technology sources
-Maintains a directory of control owners
-Documents each of the platform and maintains the information
-Plans and organizes the library of audit artifacts to promote reuse where possible
-Drives and negotiates the audit calendar
-Hosts audit meetings; drives overall execution of the audit
-Reports on any potential findings to executive management
-Creates reports requested by executive management
-Manages the third party auditor
-Plans, creates and executes activities to train/engage team members and leaders throughout the business to ensure an understanding of the importance and purpose of the audit
-Drafts controls as required
-Actively liaises with risk and technology teams to identify areas of potential improvement
-Able to execute risk frameworks, risk reviews and update risk registers
Skills
.Skills / Knowledge - Having wide-ranging experience, uses professional concepts and company objectives to resolve complex issues in creative and effective ways. Some barriers to entry exist at this level (e.g., dept./peer review).
Job Complexity - Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results. Networks with key contacts outside own area of expertise.
Supervision - Determines methods and procedures on new assignments and may coordinate activities of other personnel (Team Lead).
Technical - Microsoft Office; G-Suite; strong technical including network fundamentals, distributed platforms, and mainframe.
Education:Bachelor's Degree
Relevant Experience or Degree in: Major in MIS preferred, other majors considered. Willing to accept additional experience in lieu of a degree
Typically Minimum 6 Years Relevant Exp
Skills
Required
Additional
The IT Risk & Compliance Analyst IV works with BTS technical resources to ensure a positive outcome to all risk, audit and assessment activities. Efforts include: identification and assessment of IT Risk, ongoing monitoring of identified issues, work with technical teams to address and mitigate IT Risk, creating controls based on industry and corporate standards, interpretation of requests, identification of technical resources, preparation of technical resources for audit participation, collection of data from technical sources, organization, cataloging and refresh of data. Often serves as a subject matter expert. Able to present to management and 3rd party auditors. Regularly works with partner teams to respond to auditor queries. Well versed in Organization's Policies and Standards and how they apply to each technology. Fluent in audit types and controls that apply to the Organization's environments. Able to identify and document IT Risks appropriately as well as able to explain risks to partner teams.
- What Part Will You Play?
-Intake and review of identified risks
-Work with the EVO team on the determination of best way to address the risk; ongoing monitoring of the EVO team's activities
-Act as an IT Risk evangelist to drive awareness
-Works with technical teams, and directs junior team members, during audit planning and execution; actively prepares technical teams for the audit
-Collects/collates data in advance of the audit; draws data directly from technology sources
-Maintains a directory of control owners
-Documents each of the platform and maintains the information
-Plans and organizes the library of audit artifacts to promote reuse where possible
-Drives and negotiates the audit calendar
-Hosts audit meetings; drives overall execution of the audit
-Reports on any potential findings to executive management
-Creates reports requested by executive management
-Manages the third party auditor
-Plans, creates and executes activities to train/engage team members and leaders throughout the business to ensure an understanding of the importance and purpose of the audit
-Drafts controls as required
-Actively liaises with risk and technology teams to identify areas of potential improvement
-Able to execute risk frameworks, risk reviews and update risk registers
Skills
.Skills / Knowledge - Having wide-ranging experience, uses professional concepts and company objectives to resolve complex issues in creative and effective ways. Some barriers to entry exist at this level (e.g., dept./peer review).
Job Complexity - Works on complex issues where analysis of situations or data requires an in-depth evaluation of variable factors. Exercises judgment in selecting methods, techniques and evaluation criteria for obtaining results. Networks with key contacts outside own area of expertise.
Supervision - Determines methods and procedures on new assignments and may coordinate activities of other personnel (Team Lead).
Technical - Microsoft Office; G-Suite; strong technical including network fundamentals, distributed platforms, and mainframe.
Education:Bachelor's Degree
Relevant Experience or Degree in: Major in MIS preferred, other majors considered. Willing to accept additional experience in lieu of a degree
Typically Minimum 6 Years Relevant Exp
Skills
Required
- RISK MANAGEMENT
- INFORMATION SECURITY
- TEAM LEAD
- COLLECTION
- AUDIT
Additional
- SUBJECT MATTER EXPERT
Created: 2024-05-04
Reference: 234263
Country: United States
State: Georgia
City: Atlanta
ZIP: 30334
Similar jobs:
-
IT Business Analyst IV
BCforward in Kennesaw, Georgia💸 $53.00 per hour -
IT Business Analyst IV
BCforward in Kennesaw, Georgia💸 $53.00 per hour