Responsibilities
Coordinate compliance audits and help the organization meet its security standards and performance goals
Verify the organization's performances against corporate, industry, and regulatory standards such as WebTrust, FISMA, FedRAMP, PCI, SOX, SOC II, etc...
Support internal audit program to ensure ongoing compliance with security policies and procedures
Verify audit logs and documentation are maintained by each department as require
Ensure remediation activities are completed on schedule and ensure timely notification to affected parties
Assist with certification/accreditation efforts by modifying existing policies and procedures to comply with accreditation bodies required format and structure.
Act as main PoC in the coordination and standardization of responses to customer-provided security surveys/requests and questionnaires
Partner with the Network, Operations and third party teams in the execution of periodic security audits including intrusion and penetration testing, recommending remediation activities where applicable
Partner with the Corporate Security team in the performance of site-specific audits.
Liaise with Product Management, Architecture, Engineering, and Operations groups to assess security elements associated with new/potential projects
Remain current on audit standards and methodologies.
Contribute to the development and evolution of the IT Security & Compliance Function.
Qualifications
Bachelor's Degree in Computer Science, MIS or related field, or equivalent
3 - 6 years of IT administration, IT auditing, security monitoring or related experience
Working knowledge of industry and regulatory IT audit standards including, but not limited to, PCI DSS, FISMA, ISO 27xxx, SSAE-16, and Webtrust for CA
Working knowledge of encryption/authentication technologies, firewalls, vulnerability assessment, virus protection and internet security controls, TCP/IP networking and routing, database systems and UNIX and
windows operating systems
Strong working knowledge of security monitoring tools
Strong oral and written communication skills
Strong analytical skills
Excellent interpersonal skills and the ability to work effectively with others as a team
Security certifications such as GIAC, CISSP, CISM, or CISA preferred
US Citizenship Required