Security Compliance Analyst

Job Description
Position Summary:

This role will monitor, manage, and close existing compliance issues while analyzing internal systems for compliance with security standards. This position will work with IT support staff to perform vulnerability and risk assessments and develop mitigation strategies to ensure compliance with current procedures and policies across the organization.

Essential Functions:

Planning and leading organization-wide security audits to ensure compliance with the Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI DSS), HIPAA, and various other mandates

Working with the information technology (IT) department and other relevant departments to coordinate audits, both internally and externally

Developing, preparing, and reviewing documents related to compliance and assessments

Designing remediation efforts when security deficiencies are found

Coordinating annual SOX and Statement on Standards for Attestation Engagements No. 16 (SSAE 16) audits for the IT department

Identify threats and risk exposures, assess and manage risks, and monitor the implementation of corresponding programs

Planning and maintaining compliance activities according to existing policies and standards as well as industry regulations

Pointing out the shortcomings associated with existing platform security and compliance processes and developing ways to address them

Working with third parties and consultants as needed for independent security audit

Respond to client audits and act as the subject matter expert for all client questionnaires

Escalate high and critical risks or risk trends to the appropriate level of leadership

Provide audit and compliance metrics monthly

Embed compliance culture and risk awareness across the company

Provide off-hours support if required

Performs other duties as may be assigned.

Requirements

Broad technical knowledge of information security and compliance principles and process

Experience in operating, monitoring, and implementing security policies, standards, and controls

Experience managing external audit activity and supporting internal audits

Knowledge of core security controls and systems such as risk analysis quantification and point of escalation

Ability to implement new policies and programs

Strong written and verbal communication skills

Strong analytical and critical thinking skills

Highest degree of personal integrity.

Bachelor's degree in computer science, Information Technology, or equivalent experience preferred 10 or more

years of professional networking experience including 5 or more years of security management

and/or compliance.

Professional certification, such as CISA, CISM, CRISC, CISSP, or ISAAP

Benefits

*New Associates become eligible for benefits the 1st of the month following 60 days
• Medical (2 plan designs to choose from)
• Dental
• Vision
• Life & Disability Insurance Options
• 401K
• Career growth & development
• Friendly company culture

JSM is an equal opportunity employer.

---