TEKsystems is hiring: Security Compliance Analyst in Overland Park

Location: Overland Park, KS (On site 2 – 3 days a week, must be vaxxed)

Duration: 6 months contract to hire

Top Skills' Details:

1. 3+ years of technical security and/or compliance experience supporting audit documentation, control validation and/or operation
2. Experience with risk management tools (ServiceNow [preferred], Archer, etc)
3. Process mapping, documentation, and improvement experience (system security plan)

Job Description

The Security Analyst will support T-Mobile's DCI (Domestic Communications Infrastructure) asset management inventory. They will support the process of updating T-Mobile's system of record reflecting all assets on their domestic communications network. This will require operating controls, managing processes for audit documentation and control validation, and identifying areas for process improvement/automation.

Responsibilities
Enable compliance to various regulations, industry standards, and company policies
Maintain accurate inventory of technology, processes and people that are required to comply with regulations, industry standards, and company policies
Develop and test formal security controls
In partnership with coworkers, evaluate complex technologies, systems, processes and controls to identify security risks and compliance gaps; work collaboratively with partner teams for resolution; manage escalations and resulting timelines to ensure compliance
Lead and/or participate in security reviews, assessments, and/or certifications
Participate in strategic key initiatives that take a proactive approach to cybersecurity compliance
Actively engage and work with key stakeholder teams to understand strategy that supports T-Mobile’s ongoing compliance (technologies, designs, remediation, planning and other related efforts)
Create detailed documentation for the supported compliance Programs
Provide feedback to management on compliance strategy and goals

Additional Skills & Qualifications

Desired Qualifications
• 2-5 years Information security, IT Audit, GRC (Governance, Risk, Compliance) or related field
• 2-5 years IT security control development, control testing, risk remediation, or reporting
• Experience with eGRC systems, compliance scope management or risk management processes
• Experience with managing internal and external regulatory related audits and assessments
• Knowledge of the IT technology stack and ability to interface the network, technology, application, business, and legal representatives
• Project management skills a plus
• Strong verbal, written and presentations skills
• Ability to read, identify and interpret policies, regulations, and contract security requirements
• Desired: Certification in one of the following: CIPP, CIPM, CIPT, CISA, CISSP. (Can be used to supplement experience)
• Desired: Experience working in Big 4 or equivalent firm