Cybersecurity Compliance Consultant - SOX and Compliance Testing

About The Position

Requirements

• Bachelor’s degree preferably in regulatory affairs, business, organizational or compliance law, or financial services
• Five years related experience performing legal, compliance, or other duties such as risk management and/or project management
• Strong knowledge of cyber governance terms, disciplines and frameworks

Nice To Haves

• Advanced knowledge in Excel, BI and data analysis tool
• Knowledge of SharePoint
• Clear ability to express complex multidisciplinary technical and business concepts in terms that are understandable to all levels of Lines of Business and corporate management both verbally and in writing.
• Two years of demonstrated experience as a SOX IT auditor and/or assessor with familiarity of regulatory reports on compliance.
• Two years of demonstrated experience with IT/SOX IT Audit response and remediation activities.
• Previous experience with security controls audit execution.
• Previous experience with IAM controls audit execution (application, servers database and network).
• Working knowledge with IAM governance tools.
• Working knowledge with SOX governance tools.
• Previous experience with metrics analysis and definition.
• Aptitude to understand and adapt to newer technologies.
• A grounded understanding of applied enterprise information security technologies.
• Demonstrate a consistent history of delivering on commitments. Demonstrate critical thinking and problem-solving skills.
• Able to work independently with limited supervision.
• Excellent communication skills, both written and verbal, to both business and technology audiences.
• At least one of the following certifications or equivalent experience: CISA, CISSP
• Knowledge of financial services industry and all applicable regulations and industry standards.
• Familiarity in using a query analysis tool

Responsibilities

• Performs compliance assessments and tests of SOX IT and assist management response for identified Audit and compliance gaps.
• Ensure internal compliance to SOX requirements. Understand and communicate operational direction to teammates and peer business units.
• Analyzes requirements (i.e. data lineage, data mapping/tracing control, reporting requirement, threats, assess management, PCI, etc.) to support the creation of enterprise-wide policies and standards, by effectively translating laws and regulations into operational functions and action steps for execution and compliance adherence.
• Represent CCS when working with TRUIST Business Partners to understand business problems representing enterprise security challenges and providing solutions to those problems that enable business while protecting the enterprise.
• Monitors reporting on information/cyber security compliance and related risk & controls programs to a variety of audiences, including the regulators/examiners.
• Fulfills external and internal requests, communications with internal and external clients.
• Identifies solutions for potential regulatory risks and maintains an internal inventory of applicable U.S. laws and regulations, pertaining to Information and cybersecurity.
• Ensures regulatory rules are incorporated into appropriate compliance policies, standards, processes, training, and monitoring/testing activities at an enterprise level.
• Works with different stakeholders to perform cyber governance routines, conduct cyber risk and compliance assessments.
• Performs data analysis and interpretation for risk factors and presents KRI metrics and analysis and makes recommendations concerning risk factors, mitigation controls and remediation plans.

Benefits

• Truist offers medical, dental, vision, life insurance, disability, accidental death and dismemberment, tax-preferred savings accounts, and a 401k plan to teammates.
• Teammates also receive no less than 10 days of vacation (prorated based on date of hire and by full-time or part-time status) during their first year of employment, along with 10 sick days (also prorated), and paid holidays.
• Depending on the position and division, this job may also be eligible for Truist’s defined benefit pension plan, restricted stock units, and/or a deferred compensation plan.