The Senior IT Security Compliance Analyst provides support for technology compliance programs, including leading and executing functions and duties that may include: consulting and collaborating with business and technology stakeholders at all levels on control design and remediation to mitigate technology risks; participating on large-scale projects; maintaining IT control library/testing general computer and application controls; coordinating and supporting technology components of onsite and virtual audits/assessments, NCUA examinations, and client due diligence reviews; performing segregation of duties reviews and user attestations; documenting process flows and compliance-related deliverables; assisting with the creation and maintenance of IT and information security policies and standards required to maintain company certifications (e.g., PCI DSS, NIST CSF); and coaching and cross-training technology compliance staff.
The individual will execute assigned duties to meet stated priorities and SLAs. The individual plays a critical role in driving technology control and compliance practices and adoption across the company.
This role directs and advises technical SMEs in the design, implementation, monitoring and reporting of technology control and compliance processes and documentation on-premises and in the cloud.
Requirements
Bachelor’s degree in computer science, information systems, cybersecurity, or related field, or equivalent combination of education and experience required
Cybersecurity risk management, governance, and control professional certification required (e.g., CISA, CRISC, CGEIT)
Eight (8) years of relevant work experience in a public accounting firm, IT controls consulting/testing, PCI/NIST CSF assessments, IT internal/external auditing, and technology risk management required
Experience in identification, validation, design, and testing operating effectiveness of general computer and application controls
Experience assessing cloud security and controls required
Experience in financial services required
Theoretical knowledge and practical application of major risk and IT control frameworks, IT industry standards, and financial services regulations surrounding IT (e.g., PCI, NIST CSF, NIST AI Risk Management, FFIEC, NACHA, CMM, COBIT, ITIL, COSO)
Strong organizational and time management skills; ability to multitask and juggle competing tasks under strict deadlines
Ability to communicate effectively, both verbally and in written formats
Tech Stack
Cloud
Cyber Security
Benefits
Competitive wages
Medical with telemedicine
Dental and Vision
Basic and Optional Life Insurance
Paid Time Off (PTO)
Maternity, Parental, Family Care Community Volunteer Time Off
12 Paid Holidays
Company Paid Disability Insurance
401k (with employer match)
Health Savings Accounts (HSA) with company provided contributions
Flexible Spending Accounts (FSA)
Supplemental Insurance
Mental Health and Well-being: Employee Assistance Program (EAP)