Security & Compliance Specialist
1200 Grand Central Avenue Glendale, CA 91201
- Developing the overall timelines and project plans for necessary compliance work, including the following types of activities: collection and QA of requested documentation, process and control walkthroughs, testing, observations/interviews with Auditors, and remediation to address any control gaps.
- Working with the internal and external auditors as they conduct their audits; this could include coordinating and facilitating site visits, providing them with all requested documentation, and addressing resulting questions or concerns.
- Partnering with internal stakeholders, of varied leadership levels, with responsibility for in-scope applications to educate them on compliance requirements, ensure appropriate controls are in place to meet the requirements and assist them with outlining remediation plans to address any deficiencies.
- Providing work direction to compliance team members, including on-site and off-shore resources.
- Working with Corporate resources to ensure alignment with the overall enterprise Compliance programs.
- Analyzing changes in regulations for our compliance programs and implementing plans for these to be sufficiently addressed.
- 8+ years of IT audit or IT compliance experience
- 8+ years of program and project management experience
- Ability to understand technical risks and issues and recommend solutions to address.
- Ability to communicate technical concepts in business terms.
- Ability to articulate IT compliance requirements and design IT controls.
- CISA certification required
- BA/BS or equivalent
- Expert project/program management skills, with strong emphasis on organization, communication and prioritization skills.
- Demonstrated verbal and written communication skills.
- Demonstrated record of taking initiative and thorough follow thru.
- Self-starter with leadership skills and the ability to manage multiple tasks concurrently.
- Strong analytical and decision-making skills.
- Strong negotiation and influencing skills.
- Ability to build and maintain constructive working relationships with a diverse community of technical and non-technical audiences.
- Demonstrated experience in identifying compliance risk and development of mitigation/remediation plans.
- Ability to work in large global environments spanning multiple time-zones.
- Experience using the Archer/RSA Governance, Risk and Compliance tool as a document repository for Compliance documentation.
- In depth knowledge of laws, regulations, and industry requirements related to Information Security (i.e. Payment Card Industry, Domestic and International Privacy regulations).