SECURITY AND COMPLIANCE ANALYST
Secure Digital Solutions, Inc, a leader in security performance management is seeking a motivated and energetic Security Analyst, with experience in IT security or IT governance/compliance.
The Security Analyst will be proficient in information security principles and standards, possess a solid understanding of the aspects of information security and information technology, and demonstrate familiarity of SDLC and project management processes with ability to apply that knowledge to solve problems and deliver solutions.
The position will document, review and maintain controls, control activities, conduct control mapping across multiple frameworks and regulatory requirements while also supporting and responding to inquiries from internal and external stakeholders.
- Respond to updated regulatory data protection requirements
- Understanding of multiple regulatory requirements and frameworks (ex. NIST, ISO, PCI DSS, HIPAA, GDPR, CCPA)
- Experience in an organization with large-scale data and oversight
- Become the liaison between multiple lines of business, groups and stakeholders involved in the data security program
- Ability to develop constructing working relationships while delivering within expected milestone dates
- Map controls to policies, standards, procedures, and process to ensure compliance
- Propose remediation guidance to customers and consult on such guidance
- Maintain broad knowledge of best practices and trends in the field of Information Security and other technologies relevant to systems operated by customer teams
- Translate security risk mitigation plans into actionable items to mitigate risk
- Extensive knowledge of security technologies and risk assessment methodologies, policies and processes
- Ability to interpret and assess the adequacy of compliance control activity and evidence
- Ability to adapt in a ever changing and fast-paced environment
- Ability to work effectively, independent of assistance or supervision
- Innovative, creative, and extremely responsive with a strong sense of urgency
- Excellent written and oral communication skills, as well as interpersonal skills including the ability to articulate to both technical and non-technical audiences
- The ideal candidate will have at least 4 years experience working within compliance or audit functions with 2 plus years of direct information security work experience
- Excellent analytical, evaluative, and problem-solving abilities
- Must have demonstrated ability to collaborate with technical and non-technical teams to further the goals and mission of the project team
- 2-3 years in an information technology role, basic understanding of networking and information security risk management, Proficiency with email, messaging and MS Office tools.
- Working knowledge of Information Security Governance Risk and Compliance, (e.g. ISO27001/2, and National Institute of Standards and Technology (NIST)
- Employment eligibility to work with Secure Digital Solutions, Inc in the U.S. is required as the company will not pursue visa sponsorship for this position.
- We offer a comprehensive benefits package commensurate with experience that includes: Group medical, dental and vision, paid vacation and holidays, 401(k) plan, and tuition reimbursement.
- One location or remote location possible
- Paid time off
- Health insurance
- Dental insurance
- Healthcare spending or reimbursement accounts such as HSAs or FSAs
- Other types of insurance
- Retirement benefits or accounts
- Education assistance or tuition reimbursement
- Employee discounts
- Workplace perks such as food/coffee and flexible work schedules
- Flexible schedules
Interested parties should inquire at firstname.lastname@example.org . No recruiters at this time please.
- All your information will be kept confidential according to Equal Employment Opportunity guidelines.