- Ensure compliance & audit activities are completed in a timely and appropriate manner
- Act as SME supporting functional managers in understanding and applying responsibilities towards compliance & audit, providing recommendations as appropriate
- Lead new required industry framework / standard implementation from third line of defense per se.
- Develop and update Policies, process maps, templates and supporting change management tools as often as needed;
- Assist in the development of training material in support of Policy adoption enterprise-wide; participate in compliance training workshops as needed;
- Report control issues and follow up on noncompliances with Functional leadership to mitigate and close the issues
- Audit event coordination, audit liaison and issue closure oversight (SOC 2 Type 2, ISO 27001, etc.)
- Lead pre-audit preparation activities with stakeholders (SOC 2 Type 2, ISO 27001, etc.)
- Monitor compliance with existing Policies and supporting tools;
- Generate regular reports for Senior Management
- Ensure that compliance & audit activities associated are regularly reviewed to drive continuous improvement: providing subject advice, making recommendations and interventions as appropriate
- Participate in client-directed audit and compliance initiatives including, but not limited to, SOC 2 Type II, ISO 27001, etc.
- Champion and lead a culture of customer service and continuous improvement, ensuring that opportunities for process and service improvements; monitor performance and identify areas for improvement; actively look for ways of smoothing peaks and troughs and reducing time scales.
Requirements
- BS/BA with record of high academic achievement in CS/MIS
- Professional certifications like CISSP (Certified Information Systems Security Professional), CISA (Certified Information Systems Auditor), CISM (Certified Information Security Manager), CGEIT (Certified in the Governance of Enterprise IT) or CRISC (Certified in Risk and Information Systems Control) are desirable
- Eagerness to contribute in a team-oriented environment
- Ability to work methodically and analytically in a quantitative problem-solving environment
- Excellent leadership, communication, and organizational skills
- Strong customer service skills
- Working knowledge of various control frameworks like:
  - ISO/IEC 27002:2005 (Code of Practice for Information Security Management)
  - HIPAA HITECH (Health Insurance Portability and Accountability)
  - SOC 2 Type II
  - NIST CSF (National Institute of Standards and Technology)