Lead IT Governance & Controls Analyst- relocation assistance

Lead IT Governance & Controls Analyst- relocation assistance

08 Dec 2024
Iowa, Des moines, 50309 Des moines USA

Lead IT Governance & Controls Analyst- relocation assistance

Vacancy expired!

Lead IT Governance & Controls Analyst
Need someone who in implementing programs – SOX, SOC, ISO, HIPAA, HITRUST, FedRAMP, FISMA.NIST
One is more technical – focused in and worked in Security Operation Center (SOC) – auditing and security implementation – background with FedRAMP – code scans and reports. Makes sense of the issues.

Second more compliance background – govt – 3PAO implementation – policy and procedures – individuals who write the procedures. Not someone who does checklist. Experience with compliance law – CCPA – no law degree but with the law. Knows policy

We are the leading provider of cloud customer engagement hub software for leading brands powered by AI and analytics. For over a decade, our solutions have helped improve customer experience, optimize service process, and grow sales across the web, social, and phone channels. Hundreds of the world's largest companies rely on our platform to transform their fragmented sales engagement and customer service operations into unified Customer Engagement Hubs (CEHs).

The Role:
We are currently looking for Cloud Security and Compliance Specialist to be a part of our Information Security team in Sunnyvale, California.


Responsibilities
  • Management and execution of compliance programs for SOX, SOC, ISO, HIPAA, HITRUST, FedRAMP, PCI, IL2, GDPR, CCPA and other data privacy regulations
  • Review, develop, execute, and maintain security policies and procedures for compliance
  • Create and maintain security documents, including System Security Plan (SSP), risk assessments, compliance documents, whitepapers, sales artifacts, etc.
  • Daily monitoring of security infrastructure, security logs, and tools
  • Incident management and response
  • Maintain and optimize security monitoring and alerting systems
  • Review and influence the system and product architecture, and provide security-related recommendations
  • Execute risk assessments and internal audits
  • Respond and communicate with internal teams, customers, and prospects worldwide on information security questionnaires and inquiries
  • Work with external auditors on regulatory and compliance program audits and assessments
  • Track findings and work with internal and external teams on mitigation and remediation
  • Align and consult on information security policies and procedures with key stakeholders including Sales, IT, Legal, Finance, Product, Engineering, and customers

Must-have qualifications
  • 15+ years’ experience in an information security-related role, such as security analyst or security auditor
  • 5 years’ experience conducting security control assessments or audits
  • Bachelor’s degree in information systems, Information Technology, Computer Science (or professional experience working in Enterprise IT) or equivalent experience
  • Professional security management certification such as Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Systems Auditor (CISA), or other similar certification
  • Deeply familiar with HITRUST, BAA, Sarbanes Oxley (SOX), NIST cybersecurity framework, FIPS, FISMA, ISO 27000 security standards, PCI, SOC2, FedRAMP and data protection regulations and requirements
  • Experience with SIEM tools, methodologies, and best practices
  • Experience with firewall, IPS/IDS tools, OWASP, FIM, DLP, Application Control, PAM (Privilege access management), vulnerability scanning tools and log analysis, and other infrastructure security tools
  • Experience with risk management methodologies and frameworks
  • Experience with and proven methods for managing the information security incident lifecycle, including incident response, mitigation, post-action reporting, and mapping a path forward
  • Comfortable with ambiguity
  • Able to work efficiently with cross-functional teams and manage numerous projects simultaneously under deadline pressure with minimal guidance
  • Strong analytical, communication (verbal and written), and project management skills

Nice-to-have
  • US government cybersecurity work experience is desirable
  • US government clearance
  • Working knowledge of standard Unix infrastructure tools/protocols (DHCP, DNS, NTP, SYSLOG, SSH, IPSec, etc.)
  • Basic cross-functional understanding of network engineering concepts and protocols (e.g., TCP, UDP, SSL, SSH, VLAN, etc.)
  • Familiarity with AWS and Azure security models

Related jobs

  • About Lumen

  • Become a part of our caring community and help us put health first

  • About Lumen

  • Security Risk and Compliance Analyst will operate within a divisional security team reporting to the Director of Information Security. Analyst will be responsible for risk assessment, reporting and audit of Customer facing applications supporting the Tax and Accounting (TAA) and Corporate Performance (CP&ESG) application portfolio. Primary responsibilities will include maintaining compliance and assurance against established security frameworks including SO2 and ISO27001. Analyst will work on annual certification requirements and daily IT security tasks. IT Risk assessment and documentation and assessment of implemented security policies and standards will be a core focus of this position. Analyst will perform a wide range of security tasks to monitor and support the Confidentiality, Integrity, and Availability of applications.

  • Deloitte\'s Enterprise Performance professionals are leaders in optimizing operations that span the entire enterprise of an organization, from strategy to implementation and operation. By joining our team, you can help clients achieve impact and value from their investments in both people and technology that support enterprise-wide operations, as well as solutions for specific functions in the organization, from IT to finance and the supply chain.

  • Job Number 24046859

  • Additional Information Centralized MHS, Remote Position, Supports Sales Team Assigning Group And Catering Opportunities, Night Shift, Weekends

Job Details

  • ID
    JC6471009
  • State
  • City
  • Job type
    Permanent
  • Salary
    Depends on Experience
  • Hiring Company
    Comrise
  • Date
    2020-12-07
  • Deadline
    2021-02-05
  • Category

Jocancy Online Job Portal by jobSearchi.