IT Security Compliance Analyst - REMOTE

About The Position

Requirements

• Bachelor’s degree in computer science or related discipline, or equivalent combination of education and experience required.
• Risk management, governance or security certification (CRISC, CGEIT, CISSP, CISM, CISA) required.
• Five (5) years of related work experience, including a combination of at least three (3) years’ experience in Internal IT Systems Auditing and three (3) years’ experience in internal control projects in the financial industry required.
• Working knowledge of SSAE 16 and PCI requirements
• Working knowledge of ISO27000 series of standards, PCI, COBIT, ITIL, and Sarbanes Oxley rules surrounding IT
• Working knowledge of NACHA
• Working knowledge of OFAC, BSA, GLBA, Patriot Act and other Federal or State laws that impact National Security requirements or privacy

Nice To Haves

• Project Management certification (PMP) preferred.

Responsibilities

• Audit user and system security configurations for compliance with internal and external requirements
• Perform audits and follow-up on corrective actions
• Participate in internal audit activities performed for compliance verification
• Interact and coordinate with appropriate business unit resources for audit participation
• Provide information to management regarding negative business impact caused by violation of confidentiality, integrity or availability of information and information systems
• Understand application of security concepts across a broad scope of information technology areas including data communications, network design, operations, database structures, operating systems, application development, security risk assessment, and disaster recovery
• Provide ongoing guidance and support to the organization to promote a progressive and sustainable compliance culture
• Prepare and provide updates for monthly internal and external compliance reports
• Document and maintain risk-based compliance policies and procedures
• Develop various materials for use on ITS's compliance intranet site
• Coordinate training material and monitoring records and the distribution of regulatory information to the appropriate personnel
• Implement and maintain operational plans for key control activities to ensure compliance with regulatory, legal, and corporate or functional related policies and procedures
• Respond to internal and external inquiries and requests for information to clarify regulatory requirements
• Assist in development of processes to identify, quantify, analyze, and report on Velera Technology Risk and Compliance status
• Function as a liaison between business units with compliance responsibilities to collect, report, and retain compliance documentation and reports
• Identify ongoing process improvements, operational gaps, and potential remediation steps; assist and/or lead process re-design and coordination of remediation efforts and remediation status reporting
• Maintain knowledge of legislation and regulation changes related to the financial industry; understanding of applicable finance industry security and privacy regulations, procedures and issues, and assist in leading internal efforts to ensure the organization remains compliant with such laws and regulations
• Lead and/or participate in special project teams supporting general business initiatives outside of the primary security function
• Perform other duties as assigned

Benefits

• Competitive wages
• Medical with telemedicine
• Dental and Vision
• Basic and Optional Life Insurance
• Paid Time Off (PTO)
• Maternity, Parental, Family Care
• Community Volunteer Time Off
• 12 Paid Holidays
• Company Paid Disability Insurance
• 401k (with employer match)
• Health Savings Accounts (HSA) with company provided contributions
• Flexible Spending Accounts (FSA)
• Supplemental Insurance
• Mental Health and Well-being: Employee Assistance Program (EAP)
• Tuition Reimbursement
• Wellness program