Jetson Specialty Marketing Services Inc
Security Compliance Analyst
Jetson Specialty Marketing Services Inc, Kutztown, Pennsylvania, United States, 19530
Job Description
Position Summary:
This role will monitor, manage, and close existing compliance issues while analyzing internal systems for compliance with security standards. This position will work with IT support staff to perform vulnerability and risk assessments and develop mitigation strategies to ensure compliance with current procedures and policies across the organization.
Essential Functions:
Planning and leading organization-wide security audits to ensure compliance with the Sarbanes-Oxley Act (SOX), the Payment Card Industry Data Security Standard (PCI DSS), HIPAA, and various other mandates
Working with the information technology (IT) department and other relevant departments to coordinate audits, both internally and externally
Developing, preparing, and reviewing documents related to compliance and assessments
Designing remediation efforts when security deficiencies are found
Coordinating annual SOX and Statement on Standards for Attestation Engagements No. 16 (SSAE 16) audits for the IT department
Identify threats and risk exposures, assess and manage risks, and monitor the implementation of corresponding programs
Planning and maintaining compliance activities according to existing policies and standards as well as industry regulations
Pointing out the shortcomings associated with existing platform security and compliance processes and developing ways to address them
Working with third parties and consultants as needed for independent security audits
Respond to client audits and act as the subject matter expert for all client questionnaires
Escalate high and critical risks or risk trends to the appropriate level of leadership
Provide audit and compliance metrics monthly
Embed compliance culture and risk awareness across the company
Provide off-hours support if required
Performs other duties as may be assigned.
Requirements
Broad technical knowledge of information security and compliance principles and processes
Experience in operating, monitoring, and implementing security policies, standards, and controls
Experience managing external audit activity and supporting internal audits
Knowledge of core security controls and systems such as risk analysis quantification and point of escalation
Ability to implement new policies and programs
Strong written and verbal communication skills
Strong analytical and critical thinking skills
Highest degree of personal integrity.
Bachelor's degree in Computer Science, Information Technology, or equivalent experience preferred
10 or more years of professional networking experience, including 5 or more years of security management and/or compliance
Professional certification, such as CISA, CISM, CRISC, CISSP, or ISSAP
Benefits
*New Associates become eligible for benefits the 1st of the month following 60 days!
Medical (2 plan designs to choose from)
Dental
Vision
Life & Disability Insurance Options
401K
Career growth & development
Friendly company culture!
JSM is an equal opportunity employer.