IT Compliance lead

Role: IT Compliance lead
Location: Los Angeles CA Area
Emp Type: Permanent Job
Interview: Phone/Skype
 
Required Skill Set        
Risk Assessments, SOX Compliance, Internal Audits, IT Security Controls Design, Security Policy & Procedures
Desired Experience Range 
3-5 Years
 
Must-Have
Experience in the definition and delivery of security controls for business solutions, preferably in the Energy, Resource and Utilities industry
Understanding of information security standards and best practices including those within ISO 17799/27001, COBIT, NIST publications, etc.
Knowledge of and hands-on experience with SOX, SAS 70/SSAE 16 and/or PCI audits.
Extensive knowledge of business process design, requirements elicitation, meeting facilitation, and project management
Ability to manage multiple tasks simultaneously.
Excellent customer service, verbal, and written communication skills.
Strong relationship and stakeholder engagement skills
Strong global teaming and remote collaboration
Strong skills and experience in negotiation and influencing
Good problem-solving and analytical skills, able to determine the impact of an issue quickly to prioritize further work
Strong planning, prioritization, communication and presentation skills
Should have CISM, CISA or equivalent certification, PCI DSS
Good-to-Have               
Preferably Energy, Resource and Utilities industry experience
Responsibility of / Expectations from the Role 
This role supports the delivery of security controls proportionate to the risk and impact of security risks identified for projects by defining and designing IT security policies and procedures, performing IT security risk assessments, guiding projects to keep information risks within acceptable levels, and consulting with projects to take appropriate risk mitigation actions.
This role should support the definition and delivery of appropriate security controls to in-flight projects. This is achieved through the interpretation of relevant security policies, standards and architectural artefacts, along with interaction with the project, Enterprise Security Architecture and Operational Security.
Performs IT and information security risk assessments, audits, and gap analyses with direction and oversight from Management
Educates and informs control owners of their roles and responsibilities and the risks that they should be minimizing, and assists with the continuous improvement of their control environment
Ensures continuous monitoring of control compliance through reviews, testing and inquiry with control owners
Assists in remediation of control gaps and establishes metrics to support status reporting to senior management
Develops and maintains documentation that will demonstrate to internal management and external regulators our status of compliance and maturity state. Assists with documentation of standard practices and enterprise-wide requirements for IT/Security.
Assists with coordination for external audits of the IT and information security environment.
