Information Security Compliance Analyst

It's fun to work in a company where people truly BELIEVE in what they're doing!

Ingram Micro is the business behind the world's brands reaching nearly 90 percent of the world's population. Our market reach, diverse solutions portfolio, and digital platform Ingram Micro Xvantage set us apart. We have approximately 27,000 associates committed to serving our more than 161,000 customers and 1,500 vendor partners worldwide. Learn more at www.ingrammicro.com.

Ingram Micro has earned Great Place to Work Certification for 2022-2023 in the United States! This prestigious recognition reflects our commitment to our people and our culture.

Come join our team where you'll make technology happen in surprising ways. Let's shape tomorrow - it'll be a fun journey!

This position is based in our Irvine, California Corporate Headquarters with the opportunity to work up to two days remote per week.

YOUR ROLE:

The Information Security Compliance Analyst will report to our Sr Manager of Quality and will be part of the OpEx compliance team. The Analyst will support global activities as they relate to ISO27001, ISO9001 and ISO14001. You will be responsible for for providing subject matter expertise in ISO27001 Information Security regarding compliance requirements. In addition, implementing, maintaining and improving the Information Security Management System at a corporate level for Ingram Micro facilities across North and Central America.

The Information Security Compliance Analyst will perform and lead complex compliance reviews, within the IT audits including network, internet, applications, telecommunications, security administration, and contingency planning. Assess risks, develops detail audit/compliance programs, execute audit/compliance programs steps, analyses result and effectively communicates results to senior management.

Additional Responsibilities Include:

• Manage and Support IT compliance activities for regional information security support of ISO27001 auditing, reporting and remediation where appropriate.

• Coordinate and communicate IT compliance activities to align with Global IS leadership in support and improvement of ISO27001 management system.

• Ensure regional IS compliance to IS security standards (ISO27001) requirements

• Plan and conduct complex IS and integrated audit/compliance projects, including preparation of an objective risk-based assessment and an effective audit/compliance approach.

• Leads and/or participates on audit/compliance activities of various locations and departments for compliance with plans, policies and procedures.

• Execute operational activities to support IS audit and compliance activities including technical validation processes.

• Execute collection of evidence to support compliance status

• Provide and present reporting including monthly metric delivery

• Manage escalation and enforcement for unresolved noncompliance issues

• Manage and Support External Audit activities and reporting

• Work with Information Security staff to ensure tools and reporting mechanisms are satisfactorily meeting statutory objectives

• Support compliance and security validation of all 3rd party IT providers

• Maintain strong working relationships with internal and external support teams including Global, Regional and Country IS associates

• Work on special projects as required by management

• Stay abreast of changes within the IS compliance areas including business change requirements and regulatory changes from an international perspective

• Support and enforce Information Security Policy, Standards, and Guidelines for business operations and technology implementations

• Work as the Subject Matter Expert (SME) on assigned projects and offers council regarding the intent of Compliance requirements

WHAT YOU BRING TO THE ROLE:

• A Bachelor's degree in Computer Science, Engineering, or related Science and Math discipline with an IS or Business emphasis is required.

• 5+ years of experience with IS compliance projects (specifically ISO27001)

• Understands key security concepts such as access management, vulnerability and patch management, security information event management, and encryption

• Strong understanding of TCP/ IP and other network protocols

• Understanding of the basic audit best practices, standards and methodologies

• Ability to formulate detailed technical documentation preferred

• ASQ Certified Engineer, Auditor or OE Managers preferred

• Experience using SharePoint, MS Excel, Word, PowerPoint and Visio

• Must possess a valid passport and be legally allowed to leave and return to originating country.

ATTRIBUTES WE LOOK FOR:

• The ability to work independently and in cross functional teams

• Actively looks for opportunities to develop new ideas to positively impact existing methods, services, or products.

• Understands, analyzes, and documents cost/benefit analysis where appropriate.

• Actively accepts individual and team responsibilities and meet commitments. Takes responsibility for own performance and actions and demonstrates responsibility and teamwork towards overall team/department goals.

• Ability to multi-task and work on projects concurrently and under tight deadlines

• Must be detail oriented and customer focused with excellent time management skills

• Takes and exhibits initiative to further develop technical and professional skills, by attending training and/or willingness to learn new systems or technologies in use by the Information Systems department.

• Possesses understanding of Ingram Micro's business including knowledge of department names and business processes conducted by each, company global organization, and key customer and vendor segments.

BEHAVORIAL COMPETENCIES:

Communication

• Excellent verbal, written and inter-personal communication skills

• Strong communication skills; capable of explaining technical issues simply both verbally and in writing

• Keeps his/her manager informed of any problems, challenges, or unanticipated events affecting his/her work.

• Listens respectfully and avoids interrupting.

• Expresses ideas and suggestions in an organized and concise manner both orally and in written form.

• Solicits and readily accepts constructive feedback.

• Maintains composure when addressing an adversarial or hostile audience.

Decision Making

• Researches and collects appropriate data points for effective decision making.

• Readily makes recommendations and includes necessary documentation and material to support conclusions.

Develops Innovative Practices

• Identify, develop and manage innovative ideas and solutions to problems.

• Identify opportunities to reduce inefficiencies in work processes.

• Recognizes when it is appropriate to challenge the status quo and when it is not.

Works as a Team Member

• Supports team decisions to implement changes, suggestions, improvements, and solutions.

• Encourages and supports the exploration and application of best practices.

• Offers assistance to others and shares information regardless of personal likes or dislikes.

Acts with Integrity & Respect

• Prevents personal conflicts from interfering with his/her objectivity.

• Consistently arrives on time for meetings and appointments.

• Accepts responsibility for the results of his/her decisions and actions.

• Behaves in a way that is consistent with Ingram Micro's values.

#LI-AH1

#LI-Hybrid

The typical base pay range for this role across the U.S. is USD $66,100.00 - $105,800.00 per year.

The ranges above reflect the potential annual base pay across the U.S. for all roles; the applicable base pay range will depend on the candidate's primary work location, pay grade, and variable compensation plan. Individual base pay within each range depends on various factors, in addition to primary work location, such as complexity and responsibility of role, job duties/requirements, and relevant experience and skills. Base pay ranges are reviewed and typically updated each year. Offers are made within the base pay range applicable at the time of hire. New hires starting base pay generally falls in the bottom half (between the minimum and midpoint) of a pay range.

At Ingram Micro certain roles are eligible for additional rewards, including merit increases, annual bonus or sales incentives and long-term incentives. These awards are allocated based on position level and individual performance. U.S.-based employees have access to healthcare benefits, paid time off, parental leave, a 401(k) plan and company match, short-term and long-term disability coverage, basic life insurance, and wellbeing benefits, among others.

This is not a complete listing of the job duties. It's a representation of the things you will be doing, and you may not perform all these duties.

Please be prepared to pass a drug test and successfully pass a pre-employment (post offer) background check.

Ingram Micro believes there is no place in our society for social injustice, discrimination, or racism. As a company we do not - and will not - tolerate these actions.

Ingram Micro Inc. is committed to creating a diverse environment and is proud to be an equal opportunity employer. All qualified applicants will receive consideration for employment without regard to race, color, religion, gender, gender identity or expression, sexual orientation, national origin, genetics, disability, age, veteran status, or any other protected category under applicable law.