305-651-6500

Jobs    Everything

Select a Metro Area
Apply for Job - IT Compliance Analyst #2710
First Name*
Last Name*
Email Address*
Phone Number*
Resume URL
Upload Resume

Or email your resume to [email protected]

Apply for this Job below or Call Us at 1-888-743-7782

IT Compliance Analyst

Palm Beach County, Florida
Job ID: 2710

As an IT Compliance Analyst you will report to the IT Compliance Manager. To be successful, you will need to be able to document and evaluate general computer controls, as well as create standards which are in the best interest of the organization, while not hindering business efficiency. You will need to be skilled in a variety of IT compliance activities such as IT audits, disaster recovery & business continuity planning, vendor management, and software licensing.  You’ll have the opportunity to help project teams comply with enterprise and IT security policies, industry regulations, contractual obligations, SOX, and security best practices.  Additionally, you will have a chance to participate in a variety of other initiatives across our IT Security team to gain cross-functional working knowledge. 

In addition, as an IT Compliance Analyst, this role you will be involved with the following projects and initiatives:

  • Developing a more robust SOX compliance life cycle for business processes and systems
  • Role-based-access-control (RBAC) architecture for the organization
  • Business Continuity & Disaster Recovery preparedness
  • One common mechanism to distribute privileged accounts throughout the organization

Your essential responsibilities will include:

  • Ensure the strict compliance and adherence of IT policies and controls for all users in the organization
  • Work directly with internal and external auditors during IT audits to act as the liaison between IT and audit
  • Review and respond to risk assessments as needed
  • Analyze business impact and exposure, based on emerging security threats, vulnerabilities and risks
  • Prepare, manage, and deliver to end users the periodic access review process (re-certification)
  • Contribute to the development and maintenance of the information security policies and standards
  • Report to management concerning residual risk, vulnerabilities and other security exposures, including misuse of information assets and noncompliance
  • Maintain our Disaster Recovery & Business Continuity Plans
  • Gather documentation/technical information in support of audit requests and issue remediation efforts
  • Provide consultative advice to internal engineering and development teams that enable them to make informed risk management decisions
  • Assist in the creation of a Third Party Risk Management (TPRM) program and assessment framework
  • Assist in the coordination of TPRM audits, assessments, and remediation activities

Must have skills:

  • A Bachelor’s degree in Computer Science, Information Security, or equivalent and/or 3-7 years equivalent work experience in a publicly traded company
  • Highly motivated, competitive, and attracted to challenging opportunities
  • Demonstrates the ability to work in a fast-paced environment where organizational skills are essential
  • Demonstrates strong problem solving, analytical, interpersonal, and ownership skills
  • Possess excellent collaboration skills with a wide variety of internal team members
  • Is an intelligent, self-starting, self-confident individual with integrity and accountability
  • Comfortable presenting assessment results to executive management, both verbally and in writing
  • General knowledge of software development concepts and methodologies
  • General knowledge of application security technical controls and common vulnerabilities
  • Demonstrated ability to develop metrics, perform critical analysis, and develop executive decision support content
  • Knowledge and experience with SOX regulations
  • Working knowledge of authentication and access control

?  RBAC

?  Active Directory security groups

?  Application roles 

Nice to have skills:

  • Certifications: CISA, CISSP, and/or CISM
  • Experience with regards to:

?  Performing and responding to IT audits/compliance reviews

?  Creating security standards

?  Responding to risk assessments

  • Disaster Recovery & Business Continuity planning
  • Holistic understanding of Microsoft Active Directory