Manage compliance assessments across a broad range of programs, including PCI, ISO 27001, HITRUST, and other assurance programs as needed
The Compliance Analyst is a member of a cross functional team that is tasked with ensuring that the company's IT technology and IT operations are in alignment with the applicable regulations, standards, and contractual obligations. As part of this team, the IT Compliance Officer performs internal audits and assessments of IT assets, policies, and processes to validate they comply with all applicable standards and/or obligations. This role also manages external assessments that are conducted by customers, their partners, and third parties, to demonstrate the company’s alignment with customer security standards and controls.
Responsibilities:
Audit/assess IT controls to ensure compliance with regulatory, contractual, and internal standards and/or obligatio
nsManage compliance assessments across a broad range of programs, including PCI, ISO 27001, HITRUST, and other assurance programs as neededCo
nducted supplier due diligence reviewsSupport IT and business stakeholders to create clear, actio
nable plans detailing specific deliverables, timelines, and accountability to resolve information security issuesTracking and reporting of outstanding security-related issuesFacilitate the annual review of compliance policies, processes, and proceduresComplete daily, weekly, and mo
nthly compliance reports and other scheduled reports as assignedComplete quarterly and semi-annual access recertificatio
nReview and approve production change requestsParticipate in incident respo
nse drills and live events to ensure the team follows the defined incident respo
nse strategy, policies, and proceduresLead the implementation, communication, and training of awareness and compliance programsRemain up-to-date on regulatory changes and landscape, best practices and developments in the industryRepresent and advance a “compliance culture” within the organizatio
nProvide 7x24 support for critical security issuesPerform other duties as assigned
Required Work Experience:
Strong knowledge and 5+ years of experience in PCI DSS, ISO 27001, and HITRUST f
rameworksStrong knowledge and 5+ years of experience in risk management f
rameworksStrong knowledge of Windows operating systems, network technology, mobile technologies, and business applicatio
nsFirm understanding of audit methodologies and developing internal audit deliverables including process flows, work programs, audit reports, and co
ntrol summariesFirm understanding of process areas including service management, change management, problem management, incident management and access management
Professional Competencies:
Excellent verbal and written communications and presentation skills with the ability to communicate with internal/external customers, suppliers, management etc. in both formal and informal situatio
nsAbility to forge and maintain positive relatio
nships with auditees to identify opportunities to improve ease of audit and assessment practicesAbility to research, analyze, and resolve issues stemming from non-complianceAbility to learn quickly and adjust to changes in technologyResults oriented, high energy, self-motivatedOrganized, responsible, and meticulousAble to prioritize multiple tasks in a fast-paced environment
Education Requirements:
BS in information systems, computer science or equivalent with 5+ years of hands-on compliance or IT audit experience in a large, global enterprise enviro
nmentIndustry recognized certifications such as CISA, ISO 2701 Lead Auditor, PCI ISA/QSA, HITRUST CCSFP preferred
*Must be willing to work on a hybrid set up, work on night shift or shifting schedule, and willing to have occasional domestic and international travel.
HCM Nexus has been delivering best fit HR solutions and candidates to our clients since our humble beginnings in December 2012. It has been inspired by our dream of an organization that provides quality recruitment and HR services to clients, while helping job candidates establish and build their careers.STRONG BUSINESS PARTNERSHIPS, SUCCESSFUL CANDIDATES.Our commitment to both companies and individuals has strengthened our place in the industry as a fair, reasonable, and reliable service provider. We believe in talent and passion, and that it is possible to find the job where people can be their best. Finding the best fit of solutions and people for your business drives our passion to serve.TURNKEY SOLUTIONSJust like a bespoke tailor finds the right materials and determines the proper cut for a great suit, we take the time to diligently analyze the particular needs of our clients in terms of job candidates and HR interventions. Rigorous selection and careful planning ensure that the people we recommend and the services we provide actually resolve organizational problems and help you achieve your business targets.FUTURE-PROOF FIXESIn terms of HR and business solutions, we create programs that are APPROPRIATE, RELEVANT, and PROPERLY-SCALED to help clients succeed in their current endeavors, but always with an eye to their future horizons. We ensure that proper job matching occurs and that the HR solutions we deliver will cater not only to your present needs but also to possible future issues and developments.SUITED FOR SUCCESSHCM Nexus adheres to the principle that proper job matching ensures that both clients and candidates come out of the engagement as winners. For the clients, Success is when they get the best candidate for the position. For the candidates, Success is when they find a job that they love.
