Information Security Assurance Analyst II (Relocation Opportunity)

Benefitfocus Atlanta , GA 30301

Posted 11 months ago

Position is located in Charleston, SC

The Information Security Assurance Analyst is responsible for assisting with the SOC, PCI, HIPAA and other regulatory audits to include but not limited to the creation of audit plans, auditing security controls, policies and procedures and analysis of data in order to ensure regulatory compliance.

Job Duties:

  • Organizes compliance program by creating reports and metrics from Data Loss Prevention tools, maintaining technical policies and rules (including Regular Expressions), and working with other teams to communicate changes made.

  • Supporting assurance functions of the organization by using various compliance tools.

  • Attains compliance by isolating and resolving non-compliance issues; recommending remediation to technical issues.

  • Development of APIs to integrate compliance tools with other data sources (e.g. HR systems, Cybersecurity tools).

  • Ability to write solution workflow diagrams, system documentation, playbooks, etc.

  • Prepares compliance reports by collecting, analyzing, and summarizing measurement data and trends.

  • Updates job knowledge by tracking and understanding emerging compliance engineering practices and standards; participating in educational opportunities and professional organizations; reading professional publications; maintaining personal networks.

  • Enhances engineering and organization reputation by accepting ownership for accomplishing new and different requests; exploring opportunities to add value to job accomplishments.

  • Prior experience auditing and performing quality control actions of audits.

Required Minimum Qualifications:

  • Bachelor's Degree in related field and 3+ years of experience in Information & Network Security or IT Compliance.

  • Strong technical, analytical, interpersonal, communication and writing skills Strong verbal and written communication skills with ability to work in a team setting

  • Good understanding of fundamental security and network concepts (operating systems, databases, intrusion/detection, TCP/IP, ports, etc.)

Preferred Qualifications:

  • Information Technology experience in the Healthcare or SaaS Industry

  • Experience with GRC tools for information gathering and reporting

  • Knowledge of government and/or industry regulatory requirements (SOC, HITRUST, PCI, SOX, HIPAA, etc.)

  • Knowledge/understanding of security standards (e.g. NIST, STIG, etc.)

  • One or more of the following Certifications: CISSP, CRISC, CISA, CCNP, CISM

icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Lead Information Security And Compliance Analyst


Posted Yesterday

VIEW JOBS 2/28/2020 12:00:00 AM 2020-05-28T00:00 Overview Leveraging deep integrations into retailers' point-of-sale systems, InComm is revolutionizing the commerce experience through innovative payments technology. InComm leverages end to end solutions to bring branded activatable products to retailers both in store and digitally. Our process includes everything from card printing, inventory management and forecast analytics, to the development and integration of activation technology in point of sale machines world-wide. From there we leverage our backend platform as a service technology to drive product activation to the tune of several thousand card activations every second. Whether those consumers are activating prepaid products, paying bills, enjoying real-time discounts through a membership card, purchasing digital goods in-store or adding funds to an online account, InComm is there to provide unique gift-gifting opportunities, cater to on-the-go shoppers, deliver added value through loyalty programs and serve cash-based consumers. InComm is headquartered in Atlanta, GA with a presence in over 30 countries, an organization of approximately 3,000 employees, several hundred international technical patents, and a network that includes over 600,000 points of retail distribution. With innovation as our number 1 company value, our speed to market for new products and services is accelerating rapidly and quickly positioning InComm as a global leader in fintech innovation. Learn more at or connect with us on Twitter, Facebook, LinkedIn, or Our Blog. Inside InComm from InComm on Vimeo. Responsibilities Looking for a compliance subject matter expert on legal and regulatory requirements as it pertains to SOC, PCI, information security, information risk, privacy and other applicable laws and standards and works to align internal and external processes and procedures to these requirements. Able to understand IT licensing terminology and perform periodic checks to ensure licensing compliance. Monitors activities of assigned area(s) within the enterprise to ensure compliance with applicable internal controls, policies, procedures and external laws and regulations. Performs ongoing in-depth compliance analysis and reviews and makes recommendations on necessary procedural/control changes on more complex compliance matters. This entails gathering documentation, reviewing existing compliance controls for regulatory updates and performs the necessary gap analysis. Assists in the design of audit/compliance programs to ensure training, ongoing evaluation and validation of control effectiveness. Identifies key control points within a process/activity and develops test steps designed to evaluate the adequacy and effectiveness of those internal controls. Demonstrates knowledge of the tested process and understanding of how interactions and control failures impact the business objective. Identifies developmental opportunities and provides timely, candid, and constructive feedback throughout the testing period. Communicates control strengths and weaknesses to internal audit and compliance and collaborates with internal audit to develop migration plans. Partners with various lines of business to ensure compliance with all consumer compliance laws, regulations and provide ongoing regulatory guidance. Supports management in the day-to-day efforts related to compliance with laws, rules, regulations and related policies. Compliance Analyst IV will also support the Compliance Director in developing the Vendor Oversight Program to include analyzing risk assessments, performing audits, creating reports, educating and following up with the business area to ensure processes exist to demonstrate compliance with delegation and vendor oversight requirements for the Plan. Qualifications * Minimum 5 years of progressive experience in IT Audit, Compliance, Governance, Cyber Security and/or Privacy, Risk Managment• Must hold CISA, CISSP, or CRISC certification• Bachelor's degree in Computer Science, Information Technology or equivalent requiredKnowledge of industry standards and best practices for IT audit -- COBIT, ISO Framework, SSAE 16,18• Fundamental understanding of risk-based information security management, as well as knowledge of applicable regulations, standards, and guidelines pertaining to information assurance (FFIEC, NIST, ISO Standards)• Experience in PCI, ISO, Cybersecurity, Privacy and SOC• Experience in any managed services - Identity and Access Management, IT Asset Management or Vulnerability Management• Experience in vendor risk management• Experience in information security and risk policy and standards development• Experience in self-assessments to align with regulatory requirements• Must be a self-starter, flexible, innovative and adaptive• Strong interpersonal skills for building strong relationships with stakeholders and engaging teams• Effectiveness in working within a large scale and complex matrix organization is essential• Excellent oral communication and writing skills in interacting with non-executives and executive management and across several business lines and control functions• Develops effective line management relationships to ensure strong understanding of the business• Must be technical to work closely with IT for functions related to IT Compliance• Function as the primary point of contact with external and internal auditors, reviewing engagement letters, control matrices, and providing timely detailed documentation to address requests• Monitor and enforce IT licensing and contractual compliance• Monitor contract expirations and assist in renewal process• Ensure proper maintenance of records related to assets, contracts, and licenses• Maintain organized files and proper evidence of compliance activities• Compile data and draft reports as required to support department reporting requirements• Draft and maintain key department documentation, including IT policies and control matrices• Able to configure and manage any GRC tool for controls, repository, reporting, compliance, audit related functions• Develop audit tools, plan, schedule, and conduct readiness audits as it relates to all lines of business and the Compliance Program.• Provide written reports of audit findings and present recommendations.• Advanced skills with MS Office tools (including Excel, Word, Power Point), PowerBI for data analytics and experience with auditing software.• Performs other duties and responsibilities as assigned. InComm provides equal employment opportunities (EEO) to all employees and applicants for employment without regard to race, color, religion, sex, sexual orientation, gender identity or national origin, citizenship, veteran's status, age, disability status, genetics or any other category protected by federal, state, or local law. * This position is eligible for the Employee Referral Bonus Program - Tier 3 Incomm Atlanta GA

Information Security Assurance Analyst II (Relocation Opportunity)