Vacancy expired!
- Broad knowledge of applicable regulatory, legal rules and requirements (e.g., SEC, CFTC, Federal Reserve, etc.).
- Proficiency with risk and control frameworks and process improvement frameworks, including for cloud environments (e.g., COBIT, NIST CSF, NIST 800-53, COSO, ITIL, ISO 27001, ISO 9001, CMMI)
- Familiarity with Systems Development Life Cycle (SDLC) agile process and Secure Software Development Lifecycle
- Demonstrated ability to gather, analyze, and evaluate facts and prepare and present concise oral and written reports.
- Proficiency with MS Office software, GRC tools and web-based reporting tools.
- Proficiency with cloud computing models, risks, and the cloud control environment (AWS, etc.)
- Experience with document management tools (e.g., DMS, PolicyTech) a plus
- 5+ years of experience in IT/Security Compliance, IT/Security Risk Management, IT/Security Audit, IT, Information Security or related field required
- Bachelor’s degree or equivalent required (Degree in Computer Science or related field a plus)
- Preferred Certifications – CISA, CISSP, CRISC, CCSP etc.
- Contribute to the development, maintenance and continuous improvement of the Regulatory Framework including policies, procedures, and controls
- Act as an advisor in compliance matters
- Assist the organization in evaluating new products, key business initiatives, significant technology, and systems to ensure compliance with policy, laws, and regulations
- Participate in or lead compliance programs, projects, system implementations, or initiatives
- Interpret policies, laws, and regulations and assist the organization in determining applicability and implementation strategy
- Advise and support the organization in establishing and implementing IT and Security Services policies and procedures
- Provide guidance to the organization on the development and implementation of effective remediation plans to address internal or external findings
- Keep abreast of, and leverage, industry best practices/frameworks (e.g., NIST CSF, NIST 800-53, COBIT, ISO, Cloud Security, etc.) to drive compliance-related continuous improvements for IT and Security Services
- Assist in the analysis of findings to identify themes and trends
- Support other departmental activities and initiatives as required including assessment of compliance risks, supporting regulatory reporting and compliance reporting etc.