Analyst - Digital Compliance

About The Position

Requirements

• Bachelor's degree required, with preference for Cybersecurity or IT discipline
• 2+ years of relevant experience or successful completion of Early Career Digital Leadership Program / Cybersecurity Rotational Program.
• Skills in assessing security controls based on cybersecurity principles and tenets.
• Skilled in communicating with all levels of management (e.g., interpersonal skills, approachability, effective listening skills, appropriate use of style and language for the audience)
• Ability to perform in a dynamic environment with the ability to manage multiple projects and priorities.
• Must be legally authorized to work in the United States for any employer without sponsorship
• Successful completion of interview required to meet job qualification
• Reliable, punctual attendance is an essential function of the position

Nice To Haves

• 5+ years of relevant experience
• Certifications such as CISA, CRISC, Security+, or CISSP
• Direct experience with compliance frameworks like SOX or PCI
• Ability to automate tasks or refine processes
• Knowledge of industry frameworks for risks and controls, such as NIST 800-53, NIST 800-37 or NIST 800-30
• Knowledge of identity and access management principles
• Knowledge of data protection principles
• Skilled at interpreting patterns of noncompliance to determine their impact on levels of risk and/or overall effectiveness of the enterprise’s cybersecurity program

Responsibilities

• Communicates complex information, concepts, and metrics in a confident and well-organized manner through verbal, written, and visual means, and tailored to the audience including to multiple levels of leadership
• Collaborates with Digital Technology and business teams, as well as other internal/external partners to build relationships supporting accountabilities
• Assists with regulatory compliance and risk assessments to identify and mitigate issues
• Assists with the documentation of various internal and external audits/assessments such as General Data Protection Regulation, Defense Federal Acquisition Regulation Supplement, Payment Card Industry, Sarbanes-Oxley. Documents reviews of internal security and compliance assessments
• Assists with the development of policies, standards in support of cybersecurity activities, and aligned to company or organizational requirements
• Provides ongoing support to programs such as immersive learnings (tabletop exercises, lunch & learns), micro-learnings (email, surveys, media-based communications, etc.), and incentivized training and cyber remediation programs (cyber certifications, reward programs, etc.)
• Interprets relevant laws, regulations, and policies in support of cybersecurity responsibilities

Benefits

• medical
• dental
• vision
• life
• accident & disability
• parental leave
• employee assistance program
• commuter
• paid holidays
• paid time off
• 401(k)
• flight privileges