Security Compliance Review Analyst - Information Services

Crowe Horwath Oak Brook , IL 60523

Posted 2 months ago

Job Summary

The Security Compliance Review Analyst assist in the firm's overall risk management function by conducting reviews of information security and/or privacy related policies and procedures to determine the organizations compliance. Works with the Security Compliance Leader and the Enterprise Leader of Security and Privacy to develop:

  • A schedule of the policies and/or procedures to be reviewed

  • The review methodology to be used

  • The report format to be used to document the review activity and any material findings.

This position will may also assist in developing solutions to mitigate any material finds.

Takes direction from the Security Compliance Leader with input/involvement from the Firmwide Leader, Information Security and Privacy. May also have periodic interaction with the CIO and Firm Risk Management as projects warrant.

Responsibilities:

  • Developing a plan to review compliance with security and privacy related policies and procedures throughout the firm.

  • Monitors the firm's Information Security and Privacy Program compliance and effectiveness in coordination with the firm's other compliance and operational assessment functions.

  • Participates in short- and long-term planning.

  • Works with the SOC and HIPAA leaders to coordinate review activities to reduce repetitive activities and increase the overall effectiveness of the program.

  • Maintains working knowledge of Federal and State legislative and regulatory initiatives.

  • Assists in developing and implementing appropriate information security and privacy policies, standards, guidelines and procedures.

  • Works effectively with BU/DU/SDU Leaders and serves as a conduit to the firm's other information security personnel and the Firmwide Leader Information Security and Privacy.

  • Provides meaningful input and prepares effective presentations to communicate the results of security assessments to all levels of management.

  • Assists with investigations of information privacy violations and/or computer system breach. Works effectively as a member of the firm's incident response team with BU management, Firmwide Risk Management, Legal, and external law enforcement to address these instances.

  • Maintains current knowledge of applicable federal and state privacy/security laws and accreditation standards.

  • Assists Firm Risk Management, Legal and BU management with compliance reviews or investigations by external regulatory agencies, or firm clients.

  • Assists with the development of policy, training and process enhancements to mitigate and/or eliminate review findings.

  • Reviews instances of noncompliance and works effectively and tactfully to correct deficiencies. If prompt resolution cannot be obtained, escalates the issue to the Firmwide Leader Information Security and Privacy and the appropriate BU management.

  • Assists the Information Security Operations team to develop security and privacy training and orientation materials for all Crowe partners and employees, interns, contractors, and other appropriate third parties.

  • Initiates, facilitates and promotes activities to foster information security and privacy awareness within the organization.

  • Serves as an internal consultant to the firm on privacy and security matters.

  • Collaborates with other information security and privacy team members as needed or directed.

  • Makes recommendations for the improvement of operational processes and procedures to address or mitigate assessment findings.

  • Assists with firmwide risk assessment activities as needed.

  • Assist with the drafting and/or review of new policies and procedures as needed.

Company Overview

YOUR JOURNEY AT CROWE STARTS HERE:

At Crowe LLP, you have the opportunity to deliver creative solutions to today's complex business issues. Crowe's accounting, consulting, and technology personnel are widely recognized for their in-depth expertise and understanding of sophisticated process frameworks and enabling technologies, along with their dedication to delivering measurable results that help clients build business value. Our focus on emerging technology solutions along with our dedication to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a "Best Place to Work." We are 75 years strong and still growing. Come grow with us!

Qualifications

  • Bachelor's degree in Accounting, Computer Science, MIS, Information Systems or engineering fields, or equivalent experience required.

  • 5 years' experience in an auditing or compliance review role.

  • CISSP or CISA Certification a plus.

  • Working knowledge of security and privacy guidelines and frameworks with a preference toward those in healthcare and financial services.

  • Flexible, agile and able to manage within ambiguity as necessary

  • Excellent organizational/project management and analytical skills.

  • Some travel required to perform job duties (< />

ABOUT THE TEAM:

Information Services (IS): Information Services manages the firm's infrastructure design and security, project management office, architecture, enterprise application services, client service and infrastructure and administration.

OUR BENEFITS:

At Crowe, we know that great people is what makes a great firm. We value our people and offer employees a comprehensive benefits package.

Learn more about what working at Crowe can mean for you.

HOW YOU CAN GROW:

We will nurture your talent in an inclusive culture that values diversity. You will have the chance to meet on a consistent basis with your Career Coach that will guide you in your career goals and aspirations.

Learn more about where talent can prosper.

MORE ABOUT CROWE:

Crowe (www.crowe.com) is one of the largest public accounting, consulting and technology firms in the United States. Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. Crowe is recognized by many organizations as one of the country's best places to work. Crowe serves clients worldwide as an independent member of Crowe Global, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 130 countries around the world.

EOE

M/F/D/V

M/F/D/V


icon no score

See how you match
to the job

Find your dream job anywhere
with the LiveCareer app.
Mobile App Icon
Download the
LiveCareer app and find
your dream job anywhere
App Store Icon Google Play Icon
lc_ad

Boost your job search productivity with our
free Chrome Extension!

lc_apply_tool GET EXTENSION

Similar Jobs

Want to see jobs matched to your resume? Upload One Now! Remove
Sharepoint Administrator (Contract) Information Services Operations

Crowe Horwath

Posted 7 days ago

VIEW JOBS 11/5/2019 12:00:00 AM 2020-02-03T00:00 Job Summary The SharePoint Administrator will assist in managing and maintaining SharePoint Operations Infrastructure, processes and procedures required to meet the firm's information needs. Additionally, this individual will assist the installation, configuration, security, tuning, and support for each of the SharePoint environments. RESPONSIBILITIES: * Troubleshoot SharePoint Health analyzer, event logs, and ULS logs on various SharePoint Environments adhering to best practices determined by SharePoint team. * Assist with Management of the SharePoint environment to ensure the installation, security, stability, reliability, recoverability, performance, and documentation of the environment and underlying application infrastructure. By adhering to standards, procedures, and guidelines, team members perform and/or manage the intake, diagnostic, prioritization, execution, implementation and resolution processes, as well as, maintain the proper level of communication with the client and other IS staff involved in the resolution of the issue or task. * Assist in the management of the firm's enterprise backup infrastructure, and perform activities to ensure data recoverability. * Participate and direct efforts with regard to disaster recovery and business continuity relating to the SharePoint infrastructure, and third party applications. * Investigate and stay abreast of technical and practical industry information related to the functions and features of SharePoint services. * Collaborate with IS management to define and build the SharePoint infrastructure. Company Overview YOUR JOURNEY AT CROWE STARTS HERE: At Crowe LLP, you have the opportunity to deliver creative solutions to today's complex business issues. Crowe's accounting, consulting, and technology personnel are widely recognized for their in-depth expertise and understanding of sophisticated process frameworks and enabling technologies, along with their dedication to delivering measurable results that help clients build business value. Our focus on emerging technology solutions along with our dedication to internal career growth and exceptional client value has resulted in a firm that is routinely recognized as a "Best Place to Work." We are 75 years strong and still growing. Come grow with us! Qualifications * Troubleshooting skill set with the technical knowledge of ULS logs, correlation ID's, Server, network, SQL and event logs related to SharePoint. 3 - 5 years * SharePoint administration to support the day to day operations. 3 -5 years * Maintain a strong, in-depth knowledge of SharePoint and related technologies and third party applications, and implement automated processes and procedures for monitoring, event detection, and alerting. 3-5 years * Identify and provide accurate, timely, and relevant communication to management on SharePoint and related technology changes and trends within the industry. 3-5 years * Flexible, agile and able to manage within ambiguity as necessary * Excellent organizational/project management and analytical skills. ABOUT THE TEAM: Information Services (IS): Information Services manages the firm's infrastructure design and security, project management office, architecture, enterprise application services, client service and infrastructure and administration. MORE ABOUT CROWE: Crowe (www.crowe.com) is one of the largest public accounting, consulting and technology firms in the United States. Crowe uses its deep industry expertise to provide audit services to public and private entities while also helping clients reach their goals with tax, advisory, risk and performance services. Crowe is recognized by many organizations as one of the country's best places to work. Crowe serves clients worldwide as an independent member of Crowe Global, one of the largest global accounting networks in the world. The network consists of more than 200 independent accounting and advisory services firms in more than 130 countries around the world. EOE M/F/D/V Crowe Horwath Oak Brook IL

Security Compliance Review Analyst - Information Services

Crowe Horwath