• Technical Director of Audit & Compliance

    Job Locations US-TX-Plano
    Job ID
    Information Technology
  • Overview

    The Director of Audit and Compliance is responsible for architecting and implementing the audit and compliance program, and takes a significant, hands-on, strategic and tactical approach to the Compliance aspects of Information Security.  Must come from a technical background - network/security architecture experience required.


    • Managing and enhancing the audit and compliance strategy as part of the overall information security strategy

    • Keeping abreast of the evolving regulatory and compliance landscape facing the business, and ensuring that the audit and compliance strategy is frequently updated to reflect these changes

    • Conducting regular internal audits of security controls and operational processes to ensure compliance is built into IT methodologies, ensuring the business is well prepared for external audits

    • As part of internal audit, ensure security controls and IT processes are operating in accordance with the company's stated Information Security policies and procedures

    • Steward the annual Security Awareness Training initiatives

    • Provide ownership for annual Incident Response training, ensuring the Incident Response Plan is up-to-date and tested

    • Own the Information Security aspects of BCP and DR planning (ensuring data availability)

    • Perform backup duties of the Security Operations role when required (training will be provided)

    • Participate in the annual Risk Assessment activities

    • Answer customer and partner security and compliance questionnaires as needed

    • Provide SAS 70 / SOC bridge letters attesting to compliance status for customers as needed


    • Bachelor’s degree in computer science, information security, or information assurance is preferred; other technical degrees will be considered; Master’s in business, information systems, or information security is preferred
    • 5+ years of hands-on experience, in an audit capacity, in any mix of SOC 1, SOC 2, PCI and HIPAA regulatory compliance
    • Knowledge of BSA, AML, and KYC regulations is preferred
    • Knowledge of computer forensics tools, SIEM products, and vulnerability scanners is preferred
    • Knowledge of intrusion detection / prevention systems, Web Application firewalls and network firewalls is strongly preferred
    • Knowledge of operating systems and networking is preferred
    • Strong analytical, problem-solving, and critical thinking skills
    • Strong verbal and written communication skills, and presentation skills
    • Other applicable certifications a plus (CISSP, CISA, etc.)

    • Develop a working knowledge of each business unit

    • Demonstrate follow through – meets stated expectations – on-time and with quality

    • Hands-on – willing to learn technologies in order to understand and properly audit related controls, and perform as a backup for Security Operations when needs dictate

    • Detail orientation – accurate execution of critical projects

    • Demonstrate strong listening and communication skills that result in effective relationships with Solution Managers and IT counterparts
    • Ability to pass strict background check for handling sensitive data

