IT Compliance & Risk Management Specialist

Software Guidance & Assistance, Inc., (SGA), is searching for an IT Compliance & Risk Management Specialist for a CONTRACT assignment with one of our premier Financial Services clients in Boston, MA.

Responsibilities:

• Perform IT compliance, risk assessment, and mitigation.
• Provide business and technical expertise for compliance including impact level and vulnerability corrective action recommendations and follow-up. Develop, update, and maintain IT compliance documentation based on firm IT compliance standards.
• Conduct regular reviews and assessments to coordinate IT compliance testing and reporting requirements.
• Analyze IT compliance and risk related policies and standards.
• Performing activities associated with the Bank's information security framework.
• This includes assisting business lines completing security control self-assessments, preparing System Security Plan documentation, conducting analysis of security control deficiencies, and monitoring risk management activities.
• Providing status reports of progress.
• Optionally and skills dependent, candidate could participate in independent security controls testing activities such as technical scanning or management/operational reviews.
• Executing continuous monitoring activities, including recurring access reviews, and preparing security-related documentation.
• Assisting peers within the Information Security function with ad hoc risk assessments, such as software/hardware compliance reviews.
• Update, and maintain IT compliance documentation based on IT compliance standards.
• Conduct reviews and assessments to coordinate Enterprise Risk Management and Security Assurance for the firm.
• Staff working within the Information Security function are expected to obtain an enhanced clearance (NACI level 2 or equivalent).

Required Skills:

• Working knowledge of NIST 800 series Special Publications, FISMA, or equivalent IT security programs.
• Knowledge and experience with risk assessments, security plans, and test and evaluation activities.
• Ability to recommend corrective action plans.
• Ability to interpret security policies and standards and understand how they can be best applied within an organization.
• Good organization skills with the ability to exercise discretion and ingenuity to determine the proper course of action while following established standards.
• Ability to be innovative with resourcefulness and a strong drive for results.
• Strong communication skills to support team members within the Information Security function and business lines in firm.
• Excellent written and verbal communication skills.

Preferred Skills:

• Background in information technology, information security, computer science, data analysis or equivalent preferred.

SGA is a technology and resource solutions provider driven to stand out. We are a women-owned business. Our mission: to solve big IT problems with a more personal, boutique approach. Each year, we match consultants like you to more than 1,000 engagements. When we say let's work better together, we mean it. You'll join a diverse team built on these core values: customer service, employee development, and quality and integrity in everything we do. Be yourself, love what you do and find your passion at work. Please find us at .

SGA is an Equal Opportunity Employer and does not discriminate on the basis of Race, Color, Sex, Sexual Orientation, Gender Identity, Religion, National Origin, Disability, Veteran Status, Age, Marital Status, Pregnancy, Genetic Information, or Other Legally Protected Status. We are committed to providing access, equal opportunity, and reasonable accommodation for individuals with disabilities in employment, and our services, programs, and activities. Please visit our company to request an accommodation or assistance regarding our policy.