IT Compliance Specialist
- Nashville, TN
From our start in 2009, Conexess has established itself in 3 markets, employing nearly 150+ individuals nationwide. Operating in over 15 states, our client base ranges from Fortune 500/1000 companies to mid-small range companies. For the majority of the mid-small range companies, we are exclusively used due to our outstanding staffing track record.
Who We Are:
Conexess is a full-service staffing firm offering contract, contract-to-hire, and direct placements. We have a wide range of recruiting capabilities extending from help desk technicians to CIOs. We are also capable of offering project-based work.
Conexess is looking for an IT Compliance Specialist who has a passion not only for cyber security but for compliance as well, to work within a large and diverse business and IT community. Sound PM skills would be a major plus within this role as well!
- Understanding of industry standard governance and control disciplines
- Understanding of cybersecurity and risk management and ability to effectively communicate cyber risk to senior leadership
- Knowledge of governance frameworks, including but not limited to: ISO 27001, NIST, COBIT, ITIL, PCI DSS
- Knowledge of national and international regulations, industry standards, and/or contractual obligations, including but not limited to JSOX/SOX, HIPAA, PCI DSS, GLBA, SOC/SSAE16, GDPR, etc.
- Work with IT, legal, and other compliance stakeholders to develop information security compliance policies that address purpose, scope, and policy directives.
- Serve as the primary point of contact for all IT security policy documentation.
- Monitor and analyze legal, regulatory, industry, and contractual information security compliance requirements.
- Work with security and compliance leaders to implement a strategy for addressing compliance requirements.
- Assist the compliance team with reviewing and tracking outstanding information security audit findings, especially as they relate to policy gaps.
- Identify, monitor, resolve, and/or escalate information security issues.
- Update and help support the GRC tool to automate compliance processes including the policy life cycle and exception tracking.
- Serve as an input to the overall risk management program.
- Prepare metrics reports to provide to the senior leadership team.