Robert Half's client is seeking an IT Compliance Assessor for a contract-to-hire position based in Charlotte. Must have 2-3 years of experience leading enterprise risk assessments in the banking or financial industry, and must be an expert in NIST CSF.
- Responsible for conducting independent, comprehensive assessments of management, operational, and technical security controls and control enhancements to determine their overall effectiveness.
- Evaluates the effectiveness of control design and operation to meet compliance requirements.
- Performs or facilitates various assessments based on banking requirements and security controls (NIST CSF, FFIEC, OCC, EUBA, OSFI, and NIST-CRI).
- Communicates assessment observations with stakeholders to confirm understanding.
- Prepares draft reporting inclusive of assessments, summaries, findings, and recommendations for management review.
- Performs compliance reviews at the request of management for updates to business processes or new initiatives.
Skills and Experience
- Demonstrates comprehensive familiarity with security controls, control implementation, the assessment process, and control maturity.
- Proven track record of successfully leading security and compliance initiatives.
- Strong analytical skills and ability to assess complex problems and translate them into actionable strategies.
- Excellent communication and interpersonal skills, with the ability to collaborate at all organizational levels.
- Two to three years' experience in a lead assessor role using the NIST Cyber Security Control Framework.
- Deep understanding of evaluation and validation principles and practices.
- Ideal candidate holds industry certifications: CISA, CRISC, CISM, QSA.
- Must have a bachelor's / university degree.