Diverse Lynx
Lead SOC Consultant
Diverse Lynx, Atlanta, Georgia, 30383
Job Description:
Have a good understanding of SOX, PCI, SOC1/SOC2, NIST RMF/CSF, ISO 27001, and ISO 27005 standards.
Have 3-6 years of experience in conducting Gap Assessments and Regulatory Compliance Assessments across the organizational assets (on-prem and cloud) against these standards, identifying areas of improvement and developing mitigation measures or additional controls.
Ensure compliance with all applicable policies, regulatory requirements, and standards.
Have a minimum of 3 years of experience in the SOX onboarding process and compliance assessments.
Have a minimum of 3 years of experience in PCI standards assessment.
Work with process owners to identify and understand new business processes or changes to existing processes, including process narratives, related flowcharts, and the identification and documentation of key controls.
For the controls identified/defined, work with teams to ensure the controls are being met and are compliant, and determine which controls apply to each application.
Understand and implement procedures for company-wide adherence to SOX, PCI, ISO 27001 and other compliance programs.
Have developed audit reports on the implementation status for the applications and controls in scope.
Hands-on work with application teams, bringing an application to go-live once it is in scope for SOX: setting up audits, reviewing the audits/baseline audits, understanding dataflow/architecture to understand impacts, and defining key controls.
Develop recommendations and support their implementation by collaborating and coordinating with the respective system owners.
Follow up on audit recommendations.
Understand the difference between SOC1 and SOC2 and their testing procedures/test cases.
Should be able to correctly identify which environments SOX applies to.
Should be able to distinguish controls that are applicable to various cloud offerings.
Have a good, in-depth understanding of Complementary User Entity Controls (CUECs).
Cloud experience with SOX is preferred.
Help in remediation of findings.
Be able to act as SME and provide ad hoc help to application teams with questions, to ensure SOX compliance meets regulatory requirements.

Qualifications and Certifications:
Bachelor's degree in Accounting, Finance, Engineering, or related field.
Aware of new developments in advisory services capabilities and industry knowledge.
Strong understanding of regulations and internal controls.
Familiarity with project management practices and techniques.
Strong interpersonal skills, critical thinking skills, and time management skills.
Proficient verbal and written communication skills.
Comfortable working in a collaborative environment.
Certifications (at least one or more of these): CISA, CISM, ISO 27001 Lead Auditor, Google Cloud Security Professional (GCP).

Diverse Lynx LLC is an Equal Employment Opportunity employer. All qualified applicants will receive due consideration for employment without any discrimination. All applicants will be evaluated solely on the basis of their ability, competence and their proven capability to perform the functions outlined in the corresponding role. We promote and support a diverse workforce across all levels in the company.