Infosec Regulatory Compliance Analyst

Infosec Regulatory Compliance Analyst

Vacancy expired!

Position:

InfoSec Regulatory Compliance Analyst

Location:

Dallas, TX

Duration: 12 Months Contract (Possible Extension/conversion)

Day to Day:

• Main responsibility is to be involved in evidence collection and validation for internal/external audit
• Analysis of various regulations, cybersecurity frameworks, risk assessments, SOX, GOBA, FISC, RTSA program and control testing, etc.
• Reading's requirements, pulling them apart, interacting with technical SME to analyze requirements and conclude it belongs to a specific part of the IS domain
• Relate requirements together and challenge that evidence
• Act as a liaison to collect evidence, validate that evidence and ensure everything is accurate, and then present the evidence to the auditors/examiners

Skills:

• Bachelor’s degree required preferably in CS or engineering
• 5 - 7 years of experience in IT governance, risk and/or compliance role
• Diverse technical background including experience with multiple security technologies
• Experience in banking and/or finance, familiarity with InfoSec or cybersecurity practices and methodologies
• Experience establishing governance processes, operating policies, risk and issue management processes
• Understanding of industry and regulatory cyber security frameworks and control requirements e.g. NIST, FFIEC, SOX, GLBA
• Ability to analyze and articulate implications of compliance requirements
• Excellent data gathering, analysis and reporting skills
• Strong SharePoint and Advanced Excel, preferred Project
• Skilled at communicating technical information to both technical and non-technical audiences and stakeholders at every level of the organization
• Detailed-oriented and works well in a fast-pace environment with tight deadlines and competing deliverables and priorities
• Self-starter with strong analytical and problem-solving skills
• Ability to build and maintain relationships across diverse technical and non-technical teams
• Strong verbal and writing skills, including program and executive reporting, training and education

Plusses:

• Security/Risk Certifications – EX: CISSP, CISA, etc.

Cybersecurity,Information security,Risk,Compliance,Regulatory