Company is currently looking for an IT Controls Analyst. The right candidate will work as a part of the IT Security Team and IT Controls Team reporting directly to the IT Cyber Security Risk Officer. Develop policies and procedures to ensure the organization has completed the necessary items for IT Compliance including but is not limited to Policy and Procedure creation and updates, Risk Assessments, Vendor Assessments, Disaster Recovery and Business Continuity Planning, SOX and PCI Audit involvement.
Essential Duties and Responsibilities include the following. Other duties may be assigned.
· Perform analysis of internal business as well as external events to ensure organizational risk is properly assessed and meets the organization IT Compliance needs
· Assist with development and implementation of security policies, standards and education efforts
· Maintain all existing policy and procedures to ensure they continue to address all compliance needs
· Draft, implement, and track management action plans
· Collaborate with the Corporate Information Security and IT Controls teams to review security policies, standards, procedures and guidelines
· Business Continuity Plan creation, planning, maintenance and testing
· Disaster Recovery Plan creation, planning, maintenance and testing
· Create and maintain Vendor Risk Assessment templates and evaluations
Education and/or Experience
· Bachelor's degree from a four-year college or university
· Five plus years of information technology compliance experience
· SOX and Operational Control testing experience
· Understanding of NIST and COBIT frameworks
· Ability to update policies/procedures based on current operations