Overview
On Site
$65.00 - $75.50 hourly
Accepts corp to corp applications
Contract - Independent
Contract - W2
Contract - Temp
Skills
Legal
NIST 800-53
Sarbanes-Oxley
PCI DSS
COBIT
ISO 9000
AV
Audiovisual
Training
Security Awareness
Articulate
Microsoft Power BI
Reporting
Data Management
Nmap
Infoblox
Inventory
Payment Card Industry
Microsoft Visio
Microsoft PowerPoint
Microsoft Excel
Data Flow
CISSP
CISM
Privacy
Regulatory Compliance
Management
Presentations
IT Security
Retail
ServiceNow
Risk Management
Artificial Intelligence
Messaging
Job Details
RESPONSIBILITIES:
Kforce has a client in Rocklin, CA that is seeking a Senior Compliance Specialist that supports the sustained compliance of the company with requirements for the protection of its systems and information assets. The scope of work extends across the corporate environment and its consumer delivery channels and it addresses legal requirements and industry standards such as NIST CSF, NIST 800-53, SOX, PCI-DSS, COBIT, ISO, GDPR, CPRA, and others.
Summary:
This is a high-impact role with cross-functional visibility and a blend of hands-on work and strategic contributions. The Senior Compliance Specialist will advance our security and privacy compliance programs by maturing our enterprise-wide security awareness initiatives and managing our organization's compliance with emerging privacy regulations. They will also be responsible for maintaining and improving the inventory of critical systems, tracking personally identifiable information (PII), and defining and overseeing the scope of our PCI cardholder data environment.
Duties:
* Working on Phishing Training
* Finding third-party, instructor-led training for developers
* Not creating the content; rather, analyzing and selecting audience-appropriate existing training content within KnowBe4, Proofpoint, and Articulate. We need someone to review and advise on the best content to use for specific teams
* Working with AV folks to coordinate rotating security awareness messaging being displayed in public areas
* Selecting content for rotating flyers/posters
* Monitoring training completion rates - metrics (PowerBI)
REQUIREMENTS:
* 8-10 years of experience
* ServiceNow IRM experience
* Security Awareness Tools: KnowBe4, ServiceNow, Articulate
* PowerBI for reporting and tracking - creation would be nice to have
* Enterprise-level company/Global company experience
* Exemplary soft skills
* GDPR-type data management experience: tracking which applications have PII and the exposure there; data flow for different applications and the security around that
* Privacy Tools experience, such as: Nmap, PENG, Infoblox, Tanium
* OneTrust inventory experience - what applications have PII and what are the data elements of that PII?
* Scope PCI environment experience
* Needs to have very strong Visio, PowerPoint, Excel skills
* Understanding Data Flow for Business Solutions
* Technical competency regarding security and compliance risks and mitigation
Nice to have:
* CISSP, CISM, or similar certification
* Privacy certification (e.g., Certified Information Privacy Professional)
* Retail experience
* Experience interfacing with and communicating information on complex privacy and security compliance issues to senior management and business units and external parties
* Experience presenting IT security issues to large audiences, forums, or communities
* Experience working within the retail sector
* Experience with the ServiceNow Integrated Risk Management (IRM) tool.
* Experience with Truyo
The pay range is the lowest to highest compensation we reasonably in good faith believe we would pay at posting for this role. We may ultimately pay more or less than this range. Employee pay is based on factors like relevant education, qualifications, certifications, experience, skills, seniority, location, performance, union contract and business needs. This range may be modified in the future.
We offer comprehensive benefits including medical/dental/vision insurance, HSA, FSA, 401(k), and life, disability & ADD insurance to eligible employees. Salaried personnel receive paid time off. Hourly employees are not eligible for paid time off unless required by law. Hourly employees on a Service Contract Act project are eligible for paid sick leave.
Note: Pay is not considered compensation until it is earned, vested and determinable. The amount and availability of any compensation remains in Kforce's sole discretion unless and until paid and may be modified in its discretion consistent with the law.
This job is not eligible for bonuses, incentives or commissions.
Kforce is an Equal Opportunity/Affirmative Action Employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, sex, pregnancy, sexual orientation, gender identity, national origin, age, protected veteran status, or disability status.
By clicking "Apply Today" you agree to receive calls, AI-generated calls, text messages or emails from Kforce and its affiliates, and service providers. Note that if you choose to communicate with Kforce via text messaging the frequency may vary, and message and data rates may apply. Carriers are not liable for delayed or undelivered messages. You will always have the right to cease communicating via text by using key words such as STOP.
Employers have access to artificial intelligence language tools (“AI”) that help generate and enhance job descriptions and AI may have been used to create this description. The position description has been reviewed for accuracy and Dice believes it to correctly reflect the job opportunity.