Support, coordinate, review and communicate controls attestation within Service Now compliance portal
Analyze management and technical controls to ensure that specific security and compliance requirements are met through the verification of documented processes, procedures and standards in order to validate maintenance of secure configurations
Support control owners for ‘issue management’ process and collaborate with them for any inquiry within Service Now platform
Develop plans and help enhance the control remediation process and monitoring of the process
Confer with users to discuss issues around completion of control attestation or remediation of controls
Track enterprise compliance across multiple security frameworks including ISO, PCI, CMMC etc., and maintain up-to-date records of requirements and corresponding mitigating controls
Perform different cyber compliance activities as assigned
Modify, develop and help support creation of different compliance process workflows
Develop and support key performance metrics to track and ensure compliance with established policies and standards
Support development of security processes and procedures and support service-level agreements to ensure that security controls are managed and maintained
Requirements
Associate's degree in computer, information assurance, IT Audit or compliance field or relevant field required
Bachelor's degree preferred
3-5 years’ experience required in security controls or risk management
At least one industry certification (e.g. CISA, CISM, CRISC, CISSP or equivalent) highly desired
Verbal and written communication skills
Problem solving skills
Customer service and interpersonal skills
Ability to work independently and manage one’s time
Knowledge of cybersecurity control frameworks, such as ISO 27001, NIST CSF, CIS controls, Cloud Security Alliance (CSA) controls etc.
Knowledge of the practical application of security controls and interpretation of controls
Service Now GRC/IRM platform experience a plus
Strong analytical and critical-thinking skills
High-level of attention to detail and be a self-starter with ability to work independently, multi-task and adjust to shifting priorities