Job Listing
|
|
| Job ID: 14016166 |
|
| |
| Job Location: |
|
| |
|
|
| |
| How to Apply: | To see employer contact information, log in or register. |
| |
| Job Title: | Risk & Compliance Analyst |
| Work Type: | Work Days: Work Vary: Yes , Shift: Other, Hours Per Week: 40, Work Type: Regular |
| |
| Salary Offered: | Unspecified |
| Benefits: | Unspecified. |
| |
| Physical Required: | Unspecified |
| Drug Testing Required: | Unspecified |
| Education Required: | Bachelor's Degree |
| |
| Experience Required: | Unspecified |
| |
| Required Skills: | Please see the job description for information about required job skills. |
| Preferred Skills: |
|
| |
| |
| |
|
| Job Description: |
Choosing a career with ECMC Group means joining a nonprofit corporation with a mission to help students succeed. With a vibrant mission and values, great benefits, and strong community involvement, ECMC Group companies are an ideal team to join.
Job Summary
Responsible for planning, performing, monitoring, and reporting on components of varying complexity regarding IT compliance as well as other assigned projects within information system areas of the Company. Performs assigned portions of IT compliance programs, determining compliance with policies and procedures, monitoring, recommending corrective action, preparing findings, and assisting with remediation plans. Reviews and services should be performed in accordance with professional and department standards.
Essential Duties and Responsibilities
Leads and performs multiple compliance tasks, which may include planning, risk analysis, customer interaction, testing, and reporting procedures in accordance with appropriate professional and department standards
Leads vendor security risk assessments and security contract review process
Works independently to lead discussions with management regarding processes and noted control weaknesses
Obtains buy-in and ownership from management for observations and remediation plans, while informing management of the status of the remediation plans
Prepares documentation and draft reports to management to communicate final results, including recommendations for improving information system practices and controls
Assists with ongoing risk assessments, IT internal and external audits
Plans and executes compliance reviews
Completes department administrative reporting as assigned
Provides guidance to staff on assignments of low to medium complexity as assigned
Anticipates and manages customer expectations and consistent delivery of services
Effectively conveys information to various audiences, including peers and leaders
Required Qualifications
Bachelor's degree in computer information systems, information technology, legal studies, or related field or an additional 2 years of experience in lieu of degree
3 years' experience in IT risk and compliance, IT governance, IT auditing or an IT related field
Experience assessing vendor risk, performing security assessments, and reviewing contracts
Experience working with procurement and legal teams
Experience assessing security controls for AWS or cloud environments
Experience developing and maintaining policies and/or information management frameworks
Experience creating and assembling evidence for internal or external auditors
Advanced knowledge of Microsoft Office suite, including experience analyzing data using Excel and designing or managing SharePoint sites
General knowledge of security control concepts, principles, risk analysis, FISMA, PCI Compliance, HIPAA, Privacy, process improvement and techniques, including frameworks such as NIST, ISO2700, COSO and COBIT
Preferred Qualifications
Certified Information Systems Auditor (CISA), Certified Internal Auditor (CIA) certifications preferred
To perform this job successfully, an individual must be able to perform each essential duty satisfactorily. The requirements listed above are representative of the knowledge, skill, and/or ability required. Reasonable accommodations may be made to enable individuals with disabilities to perform the essential functions.
ECMC Group is committed to ensuring our diverse, inclusive and equitable culture is built on a strong sense of belonging, where everyone feels seen, heard and encouraged to show up as their authentic self.
ECMC is an EEO/AA employer. Women, minorities, veterans, and individuals with disabilities are encouraged to apply.
Refer to ID 78930668 when applying |
|