IT Compliance Specialist
- Job Title
- IT Compliance Specialist
- Job ID
- 27026027
- Location
- Nashville, TN
- Other Location
- Description
-
Title: IT Compliance Specialist
Our History:
From our start in 2009, Conexess has established itself in 3 markets, employing nearly 150+ individuals nation-wide. Operating in over 15 states, our client base ranges from Fortune 500/1000 companies, to mid-small range companies. For the majority of the mid-small range companies, we are exclusively used due to our outstanding staffing track record
Who We Are:
Conexess is a full-service staffing firm offering contract, contract-to hire, and direct placements. We have a wide range of recruiting capabilities extending from help desk technicians to CIOs. We are also capable of offering project based work.Job Description:
Conexess is looking for an IT Compliance Specialist that not only has a passion for cyber security, but compliance as well to work within a large and diverse business and IT community. Sound PM skills would be a major plus within this role as well!Qualifications
- Understanding of industry standard governance and control disciplines
- Understanding of cybersecurity and risk management and ability to effectively communicate cyber risk to senior leadership
- Knowledge of governance frameworks, including but not limited to: ISO 27001, NIST, COBIT, ITIL, PCI DSS
- Knowledge of national and international regulations, industry standards, and/or contractual obligations, including but not limited to JSOX/SOX, HIPAA, PCI DSS, GLBA, SOC /SSAE16, GDPR, etc.
Responsibilities
- Work with IT, legal, and other compliance stakeholders to develop information security compliance policies that address purpose, scope, and policy directives.
- Serve as the primary point of contact for all IT security policy documentation.
- Monitor and analyze legal, regulatory, industry, and contractual information security compliance requirements.
- Work with security and compliance leaders to implement a strategy for addressing compliance requirements.
- Assist the compliance team with reviewing and tracking outstanding information security audit findings, especially as they relate to policy gaps.
- Identify, monitor, resolve, and/or escalate information security issues.
- Update and help support the GRC tool to automate compliance processes including the policy life cycle and exception tracking.
- Serve as an input to the overall risk management program.
- Prepare metrics reports to provide to the senior leadership team.