We are looking for a Senior Security Compliance Analyst to be responsible for the execution and management of security compliance certification programs across the company that include but not limited to SOX, ISO 9001, ISO 27001, GDPR, HIPAA, and 21 CFR Part 11 GMP. This role will be focused on evaluating security controls, acting as a subject matter expert, and supporting audits for certification programs. This individual will have the ability to work with various teams to identify deficiencies, create controls, and report progress.
• Responsible for execution and management of security compliance certification programs across the company.
• Evaluate security controls, supporting audits (SOX, ISO), and acting as a compliance subject matter expert.
• Maintain monitoring of security controls and operating procedures in cooperation with internal teams.
• Manage compliance controls lifecycle including design, testing, ongoing monitoring, mapping to risks, policies and procedures.
• Effectively communicate with management on decisions that impact multiple programs and teams.
• Partner with external partners to ensure compliance program activities are managed appropriately and organized in a manner that promotes alignment.
• Review operational procedures to ensure they comply with security audit requirements
• Facilitate external security auditor engagements, organize required objective compliance evidence, schedule required resources and audit timelines
• Engage with partners and team members on risk and compliance identification and managing remediation process
• Manage Risk and Compliance with project-level detail similarly to how it relates to stakeholders, action items, development queues, and comprehensive progress reports
• Explain and uphold security controls to business and technical users
• Manage Exceptions to Security and Compliance Policies and the certification of this.
• Track states of Risk and Compliance and effectively communicate this through presentation and reporting
• Recommend and help others with solutions that help the company meet certain levels of security and compliance.
Skills You Have:
• Minimum of 5 years of experience in the past 7 years as a compliance manager and/or IT auditor.
• Experience with Enterprise Network devices (i.e. Routers, Switches, Firewalls.)
• Experience with Operating platforms (i.e. UNIX and Microsoft)
• Proficiency conducting and evaluating/analyzing results from the following set of tools, to include but not limited to: Nexpose, WebInspect
• Provide technical and strategic leadership and subject matter expertise regarding ISO 9001, ISO 27001, GDPR, HIPAA, and 21 CFR Part 11 GMP Documentation and Regulations.
• Ensure compliance with regulatory requirements and assume primary responsibility for SOP updates, Tools instructions, and quality control or code development.
• Provide leadership in developing and executing the following processes: Internal Quality Audits, Third Party Audits, Corrective and Preventative Action, Management Review, Calibration, Document and Data Control, Risk Management, Quality Planning, Validation, and Control of Nonconforming Material.
• General knowledge of IT systems, DevOps, IT security, and software development.
• Well-versed in legal and regulatory guidelines and best practices.
• Technical systems knowledge – especially in the arears of access control and logging
• Strong analytical skills and attention to detail.
• Ability to maintain confidentiality.
• Excellent communication and coordination skills with the ability to build strong relationships across cross-functional teams.
• Strong technical writing and research skills.
• CISA, CIA, QSA, CISSP, PMP certifications a plus.
Please note: This client is not accepting candidates submitted by other staffing firms or agencies at this time. Thank you.
Applicants for this opportunity must have an unrestricted right to work in the United States.
[Persons in H-l, L-l, and OPT EAD status do not have unrestricted right to work.]
For immediate response please forward resumes to [email protected]
For a list of our current openings please visit Valintry's Jobs Webpage