DESCRIPTIONThe Security Compliance Analyst assesses, communicates, and reduces risk to the organization focusing on identifying risk based on team input, proactive compliance activities, and vendor risk management. The Security Compliance Analyst works in support of IT Security compliance requirements and company risk tolerance.RESPONSIBILITIES
The Security Compliance Analyst supports the security compliance program, tracking completion and remediation of compliance activities, and documenting compliance program evidence.
Investigates and determines where threats exist based on input from the Security Operations Center (SOC) team, current policy requirements, and threat hunt information.
Responsible for company-wide security awareness and education programs that are aligned with security policy, standards, regulatory requirements, and industry practices.
Assists with vulnerability management reporting including patch management tracking and software code analysis reports.
Collaborates with team to develop compliance program strategy.
Evaluates the security of vendors and hosted solutions based on approved Information Security standards.
Determines risk and potential impact based on emerging security threats.
Supports the security compliance program, ensuring the identification, tracking, prioritization, and remediation of all internal and external compliance requirements; also supports Internal Audit activities and remediation requirements.
Ensures adequate and effective IT controls exist to meet applicable current and future security compliance requirements found in laws, regulations, frameworks such as requirements to comply with SOX (Sarbanes-Oxley), SOC II, and state / federal privacy law.
Supports and updates a centralized repository of security controls aligned with corporate, regulatory, security framework requirements.
Coordinates the information security compliance efforts of all internal and outsourced functions that have one or more information security-related responsibilities, to ensure that organization-wide information security compliance efforts are consistent.
Collaborates with share service areas (internal controls, risk management, legal and HR) on the maturation of policies/procedures related to compliance activities.
Assists with identity management reviews from automated and manual systems.
Part of rotational on-call support for Tier 2
Perform other duties as required and/or assigned.
QUALIFICATIONS
5 to 7 Years of experience in Information Security
Bachelor’s degree in computer science or related field.
Experience with laws, regulations, frameworks such as requirements to comply with SOX (Sarbanes-Oxley), SOC II, and state / federal privacy law.
Proven information security audit experience
Experience with vulnerability management
Experience with third-party risk management and enterprise risk assessments
Experience with security awareness and training functions and tools
Proven analytical, strategic vision drawing on strong problem-solving abilities.
Able to prioritize and execute tasks in a high-pressure environment.
Strong written, oral, and interpersonal communication skills.
Ability to present ideas in business-friendly and user-friendly language appropriate to both executive and managerial audiences.
Highly self-motivated and directed.
Keen attention to detail.
Skilled in working within a team-oriented, collaborative environment.
ABOUT USAcosta and Mosaic are the sales and marketing powerhouses behind the most recognized and proven brands with top retailers in the United States and Canada. We offer flexible services that maximize efficiency. Acosta has the talent and technology to build data-, reach- and relationship-driven strategies to execute those strategies, and the tools to monitor, track and optimize metrics-based results for customers and retailers.Acosta and its subsidiaries, in good faith, believes that this posted range of compensation is the accurate range for this role at the time of this posting. Acosta may ultimately pay more or less than the posted range depending on candidate qualifications and locations. This range may be modified in the future.Acosta and its subsidiaries is an Equal Opportunity EmployerWe are committed to providing accommodations for persons with disabilities. If you require accommodation, we will work with you to meet your needs, to the extent required by law.The above statements are intended to describe the general nature and level of work being performed by people assigned to this classification. They are not intended to be construed as an exhaustive list of all responsibilities, duties, and skills required of personnel so classified. Mosaic reserves the right to modify all or part of any job descriptions at its discretion in order to meet and or exceed the needs of the business.By submitting your application you agree with and accept the Acosta Privacy Statement and Terms of Conditions.Acosta et Mosaic sont les forces motrices en matière de ventes et de marketing derrière les marques les plus reconnues et éprouvées auprès des principaux détaillants aux États-Unis et au Canada. Nous proposons des services flexibles qui maximisent l’efficacité. Acosta possède le talent et la technologie nécessaires pour élaborer des stratégies axées sur les données, la portée et les relations, afin de mettre en œuvre ces stratégies, ainsi que les outils pour surveiller, suivre et optimiser les résultats basés sur les indicateurs pour les clients et les détaillants.Acosta et ses filiales , de bonne foi, estiment que cette fourchette de rémunération affichée est la fourchette précise pour ce poste au moment de cette publication. Acosta pourrait finalement payer plus ou moins que la fourchette affichée en fonction des qualifications des candidats et des lieux. Cette fourchette peut être modifiée à l’avenir.Acosta et ses filiales sont des employeurs offrant l’égalité des chances .Nous nous engageons à fournir des aménagements pour les personnes handicapées . Si vous avez besoin d’un aménagement, nous travaillerons avec vous pour répondre à vos besoins, dans la mesure requise par la loi.Les déclarations ci-dessus ont pour but de décrire la nature générale et le niveau de travail effectué par les personnes affectées à cette classification. Elles ne doivent pas être interprétées comme une liste exhaustive de toutes les responsabilités, tches et compétences requises du personnel ainsi classé. Mosaic se réserve le droit de modifier tout ou partie des descriptions de poste à sa discrétion afin de répondre aux besoins de l’entreprise, voire de les dépasser.En soumettant votre candidature, vous acceptez et acceptez la Déclaration de confidentialité d’Acosta et les Conditions d’utilisation .Acosta, and its subsidiaries, is an Equal Opportunity EmployerJob Category: AdministrationPosition Type: Full timeBusiness Unit: CorporateSalary Range: $73,000.00 - $88,000.00Company: Acosta Services, IncReq ID: 2570