Job description
The Compliance Analyst is responsible for assisting in the successful completion of SOX/General Computer Controls and PCI, including facilitating the identification and remediation of any risk and/or compliance findings. The analyst assists in the development and communication of information security awareness training and education, and also contributes to process and policy reviews.
Information Security: Facilitates a compliance self-certification process and annual scope reconfirmation
Produces compliance or security reports as needed
Progresses reporting and escalation to audit and compliance stakeholders for internal and external audit actions
Coordinates management action plans for remediation of any risk and compliance findings.
Security Administration: Monitors requirements for technology controls as they are mapped against NIST and PCI frameworks.
Conducts and serves as a point of contact for IT-related audits (PCI, SOX/GCCs)
Coordinates security training and communications
Assists with Phishing Tests and other Red Team activities to ensure security controls are working as required.
Helps to maintain the master list of compliance risk and incorporates it into the risk register
Coordinates with internal and external auditors to provide audit evidence
Assists in the creation of security testing processes to ensure compliance with PCI, NIST and Privacy regulations.
Education & Experience:
Bachelor’s degree in Computer Science or related field or equivalent combination of industry related professional experience, certifications and education
Working experience with information security and/or audit/compliance initiatives, teams, and programs
Working experience with SOX/General Computer Controls, NIST, PCI, and/or other Information Security Management or privacy frameworks preferred.
Knowledge & Skills:
Information Security: Understanding of Operating Systems and Networks
Security Administration: Understanding of IT Best Practices
Ensure that security records are accurate and complete in alignment with corporate and regulatory requirements
Proficient in Microsoft Office suite
Adaptable to shifting priorities, demands, and timelines through analytical and problem-solving capabilities
Ability to develop and maintain positive relationships with IT/Business peers
Ability to communicate with a broad spectrum of people with varying levels of technical acumen
Must be willing to pursue Security and/or Compliance certificates such as CISA, CISM, CRISC, etc.
PCI
SOX and/or general computer controls.