Overview
On Site
Hybrid
$60 - $85
Contract - W2
Contract - Independent
Contract - 12 Month(s)
Skills
risk
compliance
risk management
grc
audit
iso
it governance
governance
cisa
cism
compliance manager
compliance director
auditor
Job Details
Compliance Manager
Responsibilities:
The requirements listed below are representative of the knowledge, skill, and/or ability required.
3rd Party Risk Management -
- Manages third-party risk assessments for IT-related processes and systems ensuring adherence to security requirements.
- Assesses and interprets third-party documents and other pertinent source documents as necessary to support testing requirements and audit processes.
- Monitors open third-party security issues and remediation actions associated with security control gaps to ensure timely closure.
- Assists in developing policies, procedures and processes based on audit findings.
Client Security Audits -
- Works across the Information Security team to ensure timely completion of client audit questionnaires.
- Answers client audit requests with a high degree of accuracy.
- Improves processes and procedures related to audit and client assurance.
IT Security Certifications and Accreditations -
- Prepares for and completes certification audits such as ISO 27001, ISO 22301, SOC 2.
- Assists with the development of action plans related to at-risk areas.
- Identifies improvement opportunities and provides recommendations to mature existing IT processes and controls in alignment with best practices.
Requirements:
- 7 years of progressive experience, ideally in a corporate setting, in one or more of the following areas: IT Audit, IT Risk Management, Information Security, or IT Governance.
- Experience with performing technical risk assessments, analyzing risk, and providing recommendations on risk mitigation strategies in cloud and on-premises environments.
- The ideal candidate has experience as an Information Systems auditor, preferably as an auditor at a firm that does ISO or SOC certifications.
- Background in planning, scoping and managing audits in an ISO 27001 environment.
- Strong verbal and written communication skills in interacting with technical and non-technical individuals across the business and third parties.
- A highly collaborative mindset with a strong desire to work closely with the business, development and technical operations teams.
- Bachelor's degree from an accredited college/university.
- Must possess and maintain one or more of the following industry-recognized cybersecurity certifications: CISA, CISSP, CRISC, CISM or equivalent.